General
-
Target
INQUIRY No. 063021 Materials for Al Wakra Pro.exe
-
Size
1.3MB
-
Sample
210630-fm727g6d7a
-
MD5
a15915a25a5ec67af6e2e422acedaa68
-
SHA1
c48ccd1326ab3a1d15dec32b1617c2e65ee9d194
-
SHA256
d72da2af39e90713d465aff2de9c4991a2fe6125e06b67cd85cd67915a2c966e
-
SHA512
87bb58dfed4271fc985e2c4987478230b4ed588986749798ffe333ea885bca41f3aa8cf98a0b23bf6e53eaa7cce803e9b717ed5530c8dd5751ae0853005e3fdb
Static task
static1
Behavioral task
behavioral1
Sample
INQUIRY No. 063021 Materials for Al Wakra Pro.exe
Resource
win7v20210410
Behavioral task
behavioral2
Sample
INQUIRY No. 063021 Materials for Al Wakra Pro.exe
Resource
win10v20210408
Malware Config
Extracted
xpertrat
3.0.10
OSCAR CLIENT
oski123.duckdns.org:1909
I3N7G4R2-G886-I6M4-U4E2-R5H6B0U1T5C8
Targets
-
-
Target
INQUIRY No. 063021 Materials for Al Wakra Pro.exe
-
XpertRAT Core Payload
-
NirSoft MailPassView
Password recovery tool for various email clients
-
NirSoft WebBrowserPassView
Password recovery tool for various web browsers
-
Nirsoft
-
Adds policy Run key to start application
-
Adds Run key to start application
-
Program crash
-
Suspicious use of SetThreadContext
-