Overview
overview
10
Static
static
10
01/2015.5.27/01.vir
windows7_x64
3
01/2015.5.27/01.vir
windows10_x64
3
PER-DCOMP-...ao.dll
windows7_x64
1
PER-DCOMP-...ao.dll
windows10_x64
1
01/2015.5.27/03.exe
windows7_x64
8
01/2015.5.27/03.exe
windows10_x64
8
01/2015.5.27/04.exe
windows7_x64
1
01/2015.5.27/04.exe
windows10_x64
1
01/2015.5.27/05.exe
windows7_x64
10
01/2015.5.27/05.exe
windows10_x64
10
01/2015.5.27/07.exe
windows7_x64
7
01/2015.5.27/07.exe
windows10_x64
7
01/2015.5.27/09.exe
windows7_x64
10
01/2015.5.27/09.exe
windows10_x64
10
01/2015.5.27/10.exe
windows7_x64
10
01/2015.5.27/10.exe
windows10_x64
10
01/2015.5.27/12.pdf
windows7_x64
1
01/2015.5.27/12.pdf
windows10_x64
1
01/2015.5.27/13.pdf
windows7_x64
1
01/2015.5.27/13.pdf
windows10_x64
1
01/2015.5.27/14.exe
windows7_x64
8
01/2015.5.27/14.exe
windows10_x64
8
01/2015.5.27/15.dll
windows7_x64
1
01/2015.5.27/15.dll
windows10_x64
1
01/2015.5.27/16.rtf
windows7_x64
10
01/2015.5.27/16.rtf
windows10_x64
1
01/2015.5.27/17.pdf
windows7_x64
1
01/2015.5.27/17.pdf
windows10_x64
1
01/2015.5.27/18.doc
windows7_x64
1
01/2015.5.27/18.doc
windows10_x64
1
General
-
Target
9f651ae6ea538238748614a7f86fe2b0f76e881d6c38da581f284e4b6f79b0ca
-
Size
3.3MB
-
Sample
220128-qvbxlsddhj
-
MD5
be6098d5806e306c115c4ecae0e79049
-
SHA1
46a5b8c8132a8f619ab7fcd5494091c727d9d0f1
-
SHA256
9f651ae6ea538238748614a7f86fe2b0f76e881d6c38da581f284e4b6f79b0ca
-
SHA512
6d9bb5390c66c58cba7f63000bc0d26d52fa28121c23f6da5f0bb3a3e16d4b868ef09a917a3a7ffc01c57cac768b73e1874e166b18316952ab5f5d7d99700a9c
Behavioral task
behavioral1
Sample
01/2015.5.27/01.vir
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
01/2015.5.27/01.vir
Resource
win10-en-20211208
Behavioral task
behavioral3
Sample
PER-DCOMP-Intimacao.dll
Resource
win7-en-20211208
Behavioral task
behavioral4
Sample
PER-DCOMP-Intimacao.dll
Resource
win10-en-20211208
Behavioral task
behavioral5
Sample
01/2015.5.27/03.exe
Resource
win7-en-20211208
Behavioral task
behavioral6
Sample
01/2015.5.27/03.exe
Resource
win10-en-20211208
Behavioral task
behavioral7
Sample
01/2015.5.27/04.exe
Resource
win7-en-20211208
Behavioral task
behavioral8
Sample
01/2015.5.27/04.exe
Resource
win10-en-20211208
Behavioral task
behavioral9
Sample
01/2015.5.27/05.exe
Resource
win7-en-20211208
Behavioral task
behavioral10
Sample
01/2015.5.27/05.exe
Resource
win10-en-20211208
Behavioral task
behavioral11
Sample
01/2015.5.27/07.exe
Resource
win7-en-20211208
Behavioral task
behavioral12
Sample
01/2015.5.27/07.exe
Resource
win10-en-20211208
Behavioral task
behavioral13
Sample
01/2015.5.27/09.exe
Resource
win7-en-20211208
Behavioral task
behavioral14
Sample
01/2015.5.27/09.exe
Resource
win10-en-20211208
Behavioral task
behavioral15
Sample
01/2015.5.27/10.exe
Resource
win7-en-20211208
Behavioral task
behavioral16
Sample
01/2015.5.27/10.exe
Resource
win10-en-20211208
Behavioral task
behavioral17
Sample
01/2015.5.27/12.pdf
Resource
win7-en-20211208
Behavioral task
behavioral18
Sample
01/2015.5.27/12.pdf
Resource
win10-en-20211208
Behavioral task
behavioral19
Sample
01/2015.5.27/13.pdf
Resource
win7-en-20211208
Behavioral task
behavioral20
Sample
01/2015.5.27/13.pdf
Resource
win10-en-20211208
Behavioral task
behavioral21
Sample
01/2015.5.27/14.exe
Resource
win7-en-20211208
Behavioral task
behavioral22
Sample
01/2015.5.27/14.exe
Resource
win10-en-20211208
Behavioral task
behavioral23
Sample
01/2015.5.27/15.dll
Resource
win7-en-20211208
Behavioral task
behavioral24
Sample
01/2015.5.27/15.dll
Resource
win10-en-20211208
Behavioral task
behavioral25
Sample
01/2015.5.27/16.rtf
Resource
win7-en-20211208
Behavioral task
behavioral26
Sample
01/2015.5.27/16.rtf
Resource
win10-en-20211208
Behavioral task
behavioral27
Sample
01/2015.5.27/17.pdf
Resource
win7-en-20211208
Behavioral task
behavioral28
Sample
01/2015.5.27/17.pdf
Resource
win10-en-20211208
Behavioral task
behavioral29
Sample
01/2015.5.27/18.doc
Resource
win7-en-20211208
Behavioral task
behavioral30
Sample
01/2015.5.27/18.doc
Resource
win10-en-20211208
Malware Config
Extracted
njrat
0.7d
HacKed
supernovaswag.ignorelist.com:5552
sooosoo45.publicvm.com:1111
d0f93c61091a2240aa3fd0d7912b4f59
-
reg_key
d0f93c61091a2240aa3fd0d7912b4f59
-
splitter
|'|'|
Targets
-
-
Target
01/2015.5.27/01.vir
-
Size
1KB
-
MD5
931257e136ab519589132594ab284e23
-
SHA1
9d3d78d1a3f7393abed6d30890f7474ecfa8c1d7
-
SHA256
2113e6037585f1a8d8632900ca49840e22e5fd044855cd7c9f6a8f2382357c06
-
SHA512
12a6bf72bc87764653cb0ab24d82ded8ef4264c403a567fbafa25f5ff6558bda4ce713a8df9b42ac9209e29057769dc39f8c78323dee6ca386f09776d29448af
Score 3/10
-
-
-
Target
PER-DCOMP-Intimacao.cpl
-
Size
182KB
-
MD5
98e4f5e65acc6362a0ca510a34d8e295
-
SHA1
b90e44b0b11eaf0a903fda43eb67b0bceab3fced
-
SHA256
7bb4b6eebd9747127887e6d21ecd3c29cf8ff23795ce0df58ff5e7679d4ddcf0
-
SHA512
7e4363a7aa2212de1b349ada2b7973dfef66259980f9e67ec3ee146e780eeb0454c4a214b30ca0fd743414232230cbd302ed5f17ce1ac52f8beba5705201cf04
Score 1/10
-
-
-
Target
01/2015.5.27/03.vir
-
Size
624KB
-
MD5
0744320b256d9f8ebf7387982f8efd3d
-
SHA1
e103e00c907ecead188a9b6a589f84ed13add671
-
SHA256
467f04914a1e6093bdaf5c28884bf95ec738234033b3292d289a0799de196d49
-
SHA512
c71c13322d0af3303cd400155f9ea4fec27ccb2ebf4f74132b86f98cdebb79e9a8f58ac2208ece478a973d73f80e0e440d3682f41580fe04c2ab9a26dc5dd406
Score 8/10
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
-
-
Target
01/2015.5.27/04.vir
-
Size
1.1MB
-
MD5
00bdf391b4340de4728899e89167fd79
-
SHA1
a4127031f16e52038a944db736457d2420344401
-
SHA256
4c49c340809924ca6e4a87cad9209ad006ae89bdb38d9fa998599c065534ccf4
-
SHA512
ce16f4e4833e17b02f1ac66600acbdaa655f5490ab4d95708a7430c6ab9f73236813ba138de5ecedea3725f926f9b9bc862581e5fa03b990644b1ee87b0b2b0b
Score 1/10
-
-
-
Target
01/2015.5.27/05.vir
-
Size
23KB
-
MD5
dd5699246b80540dd884a3d605f7be56
-
SHA1
537ff7480ecbc643193416ca134357d1bef80b42
-
SHA256
01db025f5878054f556dbb972e62ca5ec38a44a2ab9291e53b6cb019e89e3b95
-
SHA512
70f5a2651506da39bba368e2c7e1228727cf47737ed64b80700027765a1dae44268fe85ccf6d8ed19f94341808a2dc4028d38b8ee58d0766095729d89849a431
-
Modifies Windows Firewall
-
-
-
Target
01/2015.5.27/07.vir
-
Size
180KB
-
MD5
6b0b9ad0c784552500e86aba824c0aaf
-
SHA1
1f571f395edc5722cb80bfd3e2f39730876a1019
-
SHA256
233aa10f5c89d48d93c689c7593bba95e29bc570e2819317d4863471ecf2dc02
-
SHA512
7259a760c5a4b9a24f698ae9239a417a5818b0195c32d06db61acda804817aa1063d499f93e58d3a0a4827d5c32f9982d3c5809a1cb738962cb65f0c0c41b81a
Score 7/10
-
Drops startup file
-
Loads dropped DLL
-
-
-
Target
01/2015.5.27/09.vir
-
Size
28KB
-
MD5
2a87896e592dd168cad17b3ebcee6121
-
SHA1
af4e6d67ed5bf0434672735aa3946437bbcb1450
-
SHA256
d6f7c6720ba9fa9641906eee74098fc4bc825ac216d95f738a2fa51cf3c00384
-
SHA512
2812622744901f2fd8a9150caa8f576e18d56497a3e04c29954d5939d64cb6a297f52b1beac76be28176ec7bd5a5f787874b850ed23305f2ce6a9ed41060c307
Score 10/10
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-
-
-
Target
01/2015.5.27/10.vir
-
Size
22KB
-
MD5
659844803074f32b274708507df3118c
-
SHA1
104dbcade45c3a01b499bd7ecb73852a5adf6146
-
SHA256
99c065515cad2265f7f826e355c22f8c677682da498d2ae74b2cb96ee27c5ad9
-
SHA512
008d57f5846c85e6ef8ad4a35a5a6838c925dacb9c829fb420c1896581490afcfe27edbfe6e69fa7f32d5fe1eeb06d3f2f8f28eb2cda930c4ab32bf184877986
Score 10/10
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
-
-
Target
01/2015.5.27/12.vir
-
Size
188KB
-
MD5
42c7e182b17036e117f6119582ab9f53
-
SHA1
494ca78104a76bb0c8acae01668da4fa3d9c7680
-
SHA256
7a08c9a6765b4ded3c8089b834f524f2c7cc7b5400278eabba16db8f1c1d54e2
-
SHA512
9766547666d99c9344f422179529144c436b85267026cbb916b48ff63bdf78ca2d51c204f6bd53e4f1c865e2043fc90987ff454245d3648d5f5f4a4a76c30d7e
Score 1/10
-
-
-
Target
01/2015.5.27/13.vir
-
Size
181KB
-
MD5
662567bf29cc2fb7dcb36ebeddb23da5
-
SHA1
3b60e5c881af8c9ee2633b5c257f2ac8dd15100a
-
SHA256
4dea3a8ec40207fca613640e5e2a3c12215f80ecd68ee0496f68217d68af2b57
-
SHA512
6d1379558131e1839022085ab16119419cee0d7467544074d5ebf6045547300c491b1c14613d25d64c81b400d2298983d28f1db51f709d3b3397a49d3a7660e1
Score 1/10
-
-
-
Target
01/2015.5.27/14.vir
-
Size
821KB
-
MD5
9ed9cb3fdd2a68a25665681a94879771
-
SHA1
ad957a4aca28e4ab343cd8151e9e218b39e3f595
-
SHA256
05a5bad78cdb97a78ca13bf4afa525a5294dbc9e6babb41a0861d48e76d64bcb
-
SHA512
15941df8d2dfb085e7604c3e94d4346cb59e240700dd06ceabe28d57cd471dc50ccb7448d5b9a3ac6b2642a3a09367d14819214c915ce4c069a476c43b7da223
Score 8/10
-
Executes dropped EXE
-
Loads dropped DLL
-
-
-
Target
01/2015.5.27/15.vir
-
Size
78KB
-
MD5
e42f5dbf5678f4a9020798f584f6b008
-
SHA1
3aee531ae558fb08103735dfc9aeaa81d768212a
-
SHA256
23ba4ddbe999f329582bff188778d1e27db1e8182899308c77a077f087878a2a
-
SHA512
196bd228eb1458e2105802424b7c900c2b35b578ee8cfa220d073ca07f8c06f1fdfa4294ce7208ddd1030109f87311e8898f591f8cd5a9ac5b9fec6c05a971d1
Score 1/10
-
-
-
Target
01/2015.5.27/16.vir
-
Size
645KB
-
MD5
4be96ff0f019a966dcf941121d9c4708
-
SHA1
b699d9c175ad5e05cfe32fb4bf560af9d2501df5
-
SHA256
28dc42f7c79bc17885a992211492b5c34cedf62d496dea3e179fcbc553c95a17
-
SHA512
2218b56c96e51f42a31250ae9cae8b1249b919966d30c615ed9488c63b1164820f86108b10c202362e86ccc5a1046f0ccf5fc89f948e65a827d7d606903af777
Score 10/10
-
Adds policy Run key to start application
-
Disables taskbar notifications via registry modification
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-
-
-
Target
01/2015.5.27/17.vir
-
Size
376KB
-
MD5
9f142ae708642003cd3ac21eb2b0e991
-
SHA1
20616c9639785fb317c42353ff4d0bb76f3daf09
-
SHA256
079f4eefedf1e791c5fc4c4fb0f29cdab4d7b3ee9a56d77f8caac6cfe00f8dac
-
SHA512
bd5022f7554194c75064032bc6a217ec7e95c9b300fac609c353bed28cf2ad3ce8ef62d2c1e541f459daf8c8394ef471335530f4c1e16e167cb2f0a5501c394a
Score 1/10
-
-
-
Target
01/2015.5.27/18.vir
-
Size
24KB
-
MD5
ccca0ab4df0f1b9f79ed8a578b3c6c16
-
SHA1
9ff234cb06a5e67b3f834c712c7b9c381f60f9ac
-
SHA256
da7e5ec0d5092ca213e7b8abf44e9b9f7aadaa5c8dab2ed08a4315ee28870004
-
SHA512
28cc99e17567070897e02f22979305a9eaa1b5b03a31f18b4fef0d7f8fa620304f15950d6267804a6bb9e97842576a47ec346d25b0cc1b08020fd6985be45f9a
Score 1/10