General
-
Target
45c76e73fe8180503517cee91c6690cff0f4c7c5dcf19e8b24f133c2420e495a
-
Size
344KB
-
Sample
220521-dlkf6sfhc9
-
MD5
01b9ed6bd19a2648316cb79bba889fae
-
SHA1
22459f2adfd45271922f740925bc2275a4418135
-
SHA256
45c76e73fe8180503517cee91c6690cff0f4c7c5dcf19e8b24f133c2420e495a
-
SHA512
55acef15b304884af5be2210d1e1d7181006c797f0de257fb467e7f7e9166de087746fec70b432f09fa91213321dab7ab001eba2fed0fb138488e82ce7696c44
Static task
static1
Behavioral task
behavioral1
Sample
0890800980900.exe
Resource
win7-20220414-en
Malware Config
Extracted
matiex
Protocol: smtp
Host: srvc13.turhost.com
Port: 587
Username: info@bilgitekdagitim.com
Password: italik2015
Targets
-
-
Target
0890800980900.exe
-
Size
428KB
-
MD5
66236fab0fc34913339b1ab771e7e330
-
SHA1
79904802f84156a4f20682f6b74b06a8aa5e3866
-
SHA256
16f1c002141bcb30cb7d6c783ce866423aae4511342d80339ee931b1ed0f6a18
-
SHA512
6e93facff68717f3facb8eeec7f9427936bfe5d70a77e552abddb48188cded00e8596d89ac65407dfba330882723e8d185710d4fad7bb2401fcfb7de4ebc8484
-
Matiex Main Payload
-
Suspicious use of SetThreadContext
-