Resubmissions
28/02/2021, 17:05 UTC
210228-pjgnbjwth2 827/02/2021, 12:13 UTC
210227-bpkha5za7s 827/02/2021, 04:19 UTC
210227-7c1xkzg346 1027/02/2021, 03:32 UTC
210227-2xwvzgykxs 827/02/2021, 03:29 UTC
210227-qgrlcph782 827/02/2021, 03:16 UTC
210227-k82qfdjlve 827/02/2021, 02:45 UTC
210227-mjxh7bv4wj 827/02/2021, 02:23 UTC
210227-w6qfkjy5ha 827/02/2021, 02:06 UTC
210227-r385kvgs32 826/02/2021, 23:10 UTC
210226-yds8gthfax 8General
-
Target
Doc_3744.xls
-
Size
62KB
-
Sample
210227-r385kvgs32
-
MD5
47e22049644647ee854cedfe077156e7
-
SHA1
20ad9f47616a8272dece2ec1039a88c09412c97c
-
SHA256
5f2adacaf4ecb00ed24dd9dfe355307d0d6e786e40c945ad4c6d1ae3a4835d2a
-
SHA512
1eeb87173378f4d0e157ee42f5b28e48ff84a35b44d71f004a6180cc2bdbc09e45c071adc7ab0a94c75071fbe3ee13b939ee8cb216b6f2e06c9c24ca34dbbf1b
Malware Config
Targets
-
-
Target
Doc_3744.xls
-
Size
62KB
-
MD5
47e22049644647ee854cedfe077156e7
-
SHA1
20ad9f47616a8272dece2ec1039a88c09412c97c
-
SHA256
5f2adacaf4ecb00ed24dd9dfe355307d0d6e786e40c945ad4c6d1ae3a4835d2a
-
SHA512
1eeb87173378f4d0e157ee42f5b28e48ff84a35b44d71f004a6180cc2bdbc09e45c071adc7ab0a94c75071fbe3ee13b939ee8cb216b6f2e06c9c24ca34dbbf1b
Score8/10-
Modifies RDP port number used by Windows
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-