General
Target: DOC98374933_JULY2021.iso
Size: 1.2MB
Sample: 210722-8wvzfrw6k6
MD5: c6c39101ee5c94dff00cd940617d0294
SHA1: 871a29c9dd5d17ed15e8da5bed728bf6158fcbdf
SHA256: 9bafab21d172a1a4c7cc88eb44ca8292a8f96f812d7b4c71b706479f22690b7a
SHA512: 6de8ef8b2f06347aa92eee2c606e160d0cebe1d581ed4ce652eb69088ecbc259229fba5f09d470267de209d33f1fbc5c88196560181516808bd7c4ad1c193b93
Static task: static1
Behavioral task: behavioral1
Sample: DOC98374933_JULY2021.exe
Resource: win7v20210410
Behavioral task: behavioral2
Sample: DOC98374933_JULY2021.exe
Resource: win10v20210408
Malware Config
Extracted
oski
kckark.xyz
Targets
Target: DOC98374933_JULY2021.exe
Size: 1.1MB
MD5: 7cdabce07469c95df2bfe4bb692757d5
SHA1: be7905986d224b15517c5b41d4fc30fec309bd8e
SHA256: 242acd2bd4415b211de8afd058570aac478e1c257d31e908a2823b8fb3788ede
SHA512: 15fb71bf0912a3083590c454eacb37ea1e8954d2ce63de1910073192d767ca48ffd0a7192cb095799461a97ce680751bff30f59e5815c327cd9c767322fdc060
Score: 10/10
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
Suspicious use of SetThreadContext