General
Target
Request Quotation for New inq no .2018-780.ace
Size
289KB
Sample
210419-qtg5nvbp8e
MD5
565bcd5842892dfaf31d63b503dd9c84
SHA1
d603c7333849be2af12bf6b2e5038f8ce4f50c56
SHA256
4531046b672dc2cbb9dce96e1afdc886799ef9d326f6f2f027e936fdf47bc2f2
SHA512
641d3a2274bf57f289d229a1209e914e48eaeae99051c996beca1185a7afbb4c541c775cdb84a0a7d25f2e729ea555679ab1e71b01261d39a41cdbf9feaf2b4b
Static task
static1
Behavioral task
behavioral1
Sample
Request Quotation for New inq no .2018-780.exe
Resource
win7v20210408
Behavioral task
behavioral2
Sample
Request Quotation for New inq no .2018-780.exe
Resource
win10v20210408
Malware Config
Extracted
oski
31.210.20.228
Targets
Target
Request Quotation for New inq no .2018-780.exe
Size
429KB
MD5
385cf85664e48a1456642948b86ddaee
SHA1
fccccd86f97846e7ba4b58159bf4015e2b21a86e
SHA256
d5e15aa82a4f0b9cbf333078abb260229c43f1b04037d7bab9ef1364da48262f
SHA512
a3a131d8e4100332bc94b3115bc7257e92b646cda89ac45c4b06d066592ee36a31a74d9a405fb96a66d94032a4bc733af1a24bbf10f1d24f10a258dff583bb83
Score
10/10
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
Suspicious use of SetThreadContext