General

  • Target

    2FGGFnFJOg8dl5T.exe

  • Size

    529KB

  • Sample

    201109-7mf7dy3fzs

  • MD5

    f1e6f0cfc33a49e3a2171dc5bb30e73b

  • SHA1

    802d19c7e6cf6ab63f893a9d03fa491d4359e7c4

  • SHA256

    b590b1181625df5cc62b8716449c07faf158411381babca4d22988c5d852aafa

  • SHA512

    6b5ed7fd16b8d01aefb023e21f49cae7c1b63c8afd2b1f4a2ff7d69b3cb3e485bd7c6a34b1426981e767431c1771d4c02c2c4337a9d3b147e52150e7e8e854ce

Score
10/10

Malware Config

Extracted

Credentials (the sample's embedded exfiltration configuration: the mailbox it delivers collected data to over authenticated SMTP, not credentials belonging to a victim)

  • Protocol: smtp
  • Host: smtp.gmail.com
  • Port: 587
  • Username: fabioignacio45@gmail.com
  • Password: tonson3090
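Because port 587 submission to smtp.gmail.com uses STARTTLS, the AUTH exchange and message body are encrypted on the wire, so the mailbox name above will not show up in network content inspection; what does show up is the process making the connection. The detection below is an added example written for this report (it is not sandbox code): it runs over constructed, simplified Sysmon Event ID 3 (network connection) records flattened to key=value lines, flags any non-mail-client process talking to an SMTP submission port, and raises the severity when the destination matches the extracted config. The mail-client allow-list and the log lines are placeholders.

```python
"""Flag processes using the SMTP exfiltration channel from the extracted config.

Added example, not part of the sandbox report. Input is a constructed,
simplified rendering of Sysmon Event ID 3 as 'key=value|key=value' lines.
"""
from dataclasses import dataclass

# Values taken from the extracted config above.
EXFIL_HOST = "smtp.gmail.com"
EXFIL_PORT = 587

# Ports on which a client submits mail; any of them is interesting from a
# process that is not a mail client.
SUBMISSION_PORTS = {25, 465, 587}

# Placeholder allow-list (assumption): processes expected to speak SMTP.
MAIL_CLIENTS = {"outlook.exe", "thunderbird.exe"}


@dataclass(frozen=True)
class Finding:
    image: str       # full path of the connecting process
    dest: str        # host:port it connected to
    severity: str    # "high" or "medium"
    reason: str


def parse_event(line):
    """Turn 'Image=...|DestinationHostname=...|DestinationPort=...' into a dict."""
    fields = {}
    for part in line.split("|"):
        key, sep, value = part.partition("=")
        if sep:
            fields[key.strip()] = value.strip()
    return fields


def classify(ev):
    """Return a Finding for a suspicious connection, or None for a benign one."""
    proc = ev.get("Image", "").rsplit("\\", 1)[-1].lower()
    port = int(ev.get("DestinationPort", "0") or 0)
    host = ev.get("DestinationHostname", "").lower()
    dest = f"{host}:{port}"
    if port not in SUBMISSION_PORTS or proc in MAIL_CLIENTS:
        return None
    if host == EXFIL_HOST and port == EXFIL_PORT:
        return Finding(ev["Image"], dest, "high",
                       "destination matches the sample's extracted SMTP exfil config")
    return Finding(ev["Image"], dest, "medium",
                   "non-mail-client process using an SMTP submission port")


def scan(lines):
    """Classify every non-empty line and keep the findings, in input order."""
    return [f for f in (classify(parse_event(l)) for l in lines if l.strip()) if f]


# Constructed events (not real telemetry): a legitimate mail client, the sample
# itself, a browser, and an unknown binary on port 25.
SAMPLE_EVENTS = r"""
Image=C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE|DestinationHostname=smtp.gmail.com|DestinationPort=587|User=CORP\alice
Image=C:\Users\alice\AppData\Local\Temp\2FGGFnFJOg8dl5T.exe|DestinationHostname=smtp.gmail.com|DestinationPort=587|User=CORP\alice
Image=C:\Program Files\Google\Chrome\Application\chrome.exe|DestinationHostname=www.example.com|DestinationPort=443|User=CORP\alice
Image=C:\Users\alice\Downloads\unknown.exe|DestinationHostname=mail.example.net|DestinationPort=25|User=CORP\alice
"""

if __name__ == "__main__":
    for finding in scan(SAMPLE_EVENTS.splitlines()):
        print(f"[{finding.severity}] {finding.image} -> {finding.dest}: {finding.reason}")
```

Beyond detection, the practical follow-ups are to block outbound SMTP from endpoints that have no business sending mail directly, and to report the mailbox to the provider as an abuse contact so the collection point is shut down; the password in the config should be treated as attacker-owned, not reused to log in.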

Targets

    • Target

      2FGGFnFJOg8dl5T.exe

    • Size

      529KB

    • MD5

      f1e6f0cfc33a49e3a2171dc5bb30e73b

    • SHA1

      802d19c7e6cf6ab63f893a9d03fa491d4359e7c4

    • SHA256

      b590b1181625df5cc62b8716449c07faf158411381babca4d22988c5d852aafa

    • SHA512

      6b5ed7fd16b8d01aefb023e21f49cae7c1b63c8afd2b1f4a2ff7d69b3cb3e485bd7c6a34b1426981e767431c1771d4c02c2c4337a9d3b147e52150e7e8e854ce

    Score
    10/10
    • rezer0

      Detects ReZer0, a packer with multiple versions used in various campaigns.

    • Suspicious use of SetThreadContext
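SetThreadContext is only suspicious when it targets a thread in another process, typically one the caller created suspended and then overwrote (the process-hollowing chain CreateProcess(CREATE_SUSPENDED) -> WriteProcessMemory -> SetThreadContext -> ResumeThread). The report records only that the API was used suspiciously, so the heuristic below is an added example, not the sandbox's own rule: it walks a constructed API trace in a simplified format where handles have already been resolved to pids and tids (an assumption about the trace, not a real sandbox format) and reports completed chains separately from plain cross-process SetThreadContext calls.

```python
"""Heuristic for the 'Suspicious use of SetThreadContext' class of signature.

Added example, not the sandbox's rule. The trace format is constructed:
"<caller_pid> <api>(<k=v>, <k=v>, ...)" with handles resolved to target_pid/tid.
"""
import re

CREATE_SUSPENDED = 0x00000004  # dwCreationFlags bit for CreateProcess

LINE = re.compile(r"^(?P<pid>\d+)\s+(?P<api>\w+)\((?P<args>.*)\)$")


def parse_line(line):
    """Return (caller_pid, api, {arg: value}) or None if the line does not parse."""
    m = LINE.match(line.strip())
    if not m:
        return None
    args = {}
    for part in m.group("args").split(","):
        key, sep, value = part.partition("=")
        if sep:
            args[key.strip()] = value.strip()
    return int(m.group("pid")), m.group("api"), args


def find_hollowing(trace):
    """Return [(caller_pid, target_pid)] for each completed chain
    CreateProcess(CREATE_SUSPENDED) -> WriteProcessMemory -> SetThreadContext -> ResumeThread,
    requiring every step to come from the process that created the target."""
    stage = {}        # target_pid -> (caller_pid, last stage reached)
    findings = []
    for line in trace:
        parsed = parse_line(line)
        if not parsed:
            continue
        caller, api, a = parsed
        if api == "CreateProcessW":
            if int(a.get("dwCreationFlags", "0"), 16) & CREATE_SUSPENDED:
                stage[int(a["dwProcessId"])] = (caller, "suspended")
            continue
        target = int(a.get("target_pid", "0"))
        if target not in stage or stage[target][0] != caller:
            continue
        current = stage[target][1]
        if api == "WriteProcessMemory" and current == "suspended":
            stage[target] = (caller, "written")
        elif api == "SetThreadContext" and current == "written":
            stage[target] = (caller, "context_set")
        elif api == "ResumeThread" and current == "context_set":
            findings.append((caller, target))
            del stage[target]
    return findings


def cross_process_setthreadcontext(trace):
    """Count SetThreadContext calls whose target thread lives in another process.
    Same-process calls (exception handling, debuggers) are ignored."""
    count = 0
    for line in trace:
        parsed = parse_line(line)
        if not parsed or parsed[1] != "SetThreadContext":
            continue
        caller, _, a = parsed
        if int(a.get("target_pid", caller)) != caller:
            count += 1
    return count


# Constructed trace: pid 1000 hollows a suspended child (pid 2000); pid 3000
# calls SetThreadContext on its own thread, which is benign.
SAMPLE_TRACE = r"""
1000 CreateProcessW(lpApplicationName=C:\path\to\host.exe, dwCreationFlags=0x4, dwProcessId=2000, dwThreadId=2001)
1000 NtUnmapViewOfSection(target_pid=2000, BaseAddress=0x400000)
1000 VirtualAllocEx(target_pid=2000, lpAddress=0x400000, dwSize=0x8000)
1000 WriteProcessMemory(target_pid=2000, lpBaseAddress=0x400000, nSize=0x8000)
1000 GetThreadContext(target_pid=2000, target_tid=2001)
1000 SetThreadContext(target_pid=2000, target_tid=2001)
1000 ResumeThread(target_pid=2000, target_tid=2001)
3000 SetThreadContext(target_pid=3000, target_tid=3001)
"""

if __name__ == "__main__":
    lines = SAMPLE_TRACE.splitlines()
    print("hollowing chains (caller, target):", find_hollowing(lines))
    print("cross-process SetThreadContext calls:", cross_process_setthreadcontext(lines))
```

The chain matcher keys on the creating process so that an unrelated SetThreadContext against the same pid does not complete someone else's chain; a real rule would also want the unmapping or VirtualAllocEx step, but the four calls above are the minimum that distinguishes hollowing from a debugger touching a thread context.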
