General
Target: a12f7c6acfeb81bce0e12c48804e3212f48b5bfaf56231d2339e110e0d8e9e2f
Size: 1.8MB
Sample: 220524-v95kpabhc4
MD5: cba4f947e203ce5bb64b4c32edc201d0
SHA1: 2164c1f95e2ed07c06999868ab8e86a08f700804
SHA256: a12f7c6acfeb81bce0e12c48804e3212f48b5bfaf56231d2339e110e0d8e9e2f
SHA512: b3917ee0a53d071ca90eaf35fc37a36e1fe44d7c729989ccaf43abf611f44de9cda513528aa0f31a47c45ed2f20050d44cb5915b115aed577dc6cb35564fad99

Static task: static1
Behavioral task: behavioral1 | Sample: Channel.url | Resource: win7-20220414-en
Behavioral task: behavioral2 | Sample: Channel.url | Resource: win10v2004-20220414-en
Behavioral task: behavioral3 | Sample: Robot.url | Resource: win7-20220414-en
Behavioral task: behavioral4 | Sample: Robot.url | Resource: win10v2004-20220414-en
Behavioral task: behavioral5 | Sample: Thanks.vbs | Resource: win7-20220414-en
Behavioral task: behavioral6 | Sample: Thanks.vbs | Resource: win10v2004-20220414-en
Behavioral task: behavioral7 | Sample: Trinity tools/Trinity tools.exe | Resource: win7-20220414-en
Behavioral task: behavioral8 | Sample: Trinity tools/Trinity tools.exe | Resource: win10v2004-20220414-en
Behavioral task: behavioral9 | Sample: Web.url | Resource: win7-20220414-en
Behavioral task: behavioral10 | Sample: Web.url | Resource: win10v2004-20220414-en

Malware Config
Targets

Target: Channel.url
Size: 113B
MD5: b4f5df5c0fd4afa01823efb05509eb7a
SHA1: f5eaf089f50742496ca1a9bb4bbbce39c7a79418
SHA256: db94deda654831aa1b36ce8eeeb29426af850294b4550639a68839deae28de62
SHA512: fedd94c86ac0bb7a7c530ab9d9c27b70ed93866f2f92b77115d1b028949a7fb17ff0114fdbd2ecce39e4cb577f483307624cd1b0666ee3c6a34cdbaae44c824d
Score: 6/10
Adds Run key to start application

Target: Robot.url
Size: 116B
MD5: 4127f6d4456cb4a5741f1f7fdc190f4d
SHA1: beca1b38b45110b651e833c7bd764840bf3c8e97
SHA256: 6bd187e01ceda60cad3bce523deb489d7c45c8007c58715c10eeb2adab5c4c23
SHA512: 43dac583ad53331ded9b9ab526b105ced84ff2ad678f72d6da04ae032ae45b8369dab4ae5464aa76212e2fcc7a1088d584b9fea8c774eba2902038f31d446112

Target: Thanks.vbs
Size: 1KB
MD5: 7d25b62d12494679ab5a8c8e0314bbc9
SHA1: 1f127c1afe2f8d7ea39c2e9c8d3b505306c72364
SHA256: d707f9bcc12de7c30e61d7796a4681056ebbff7fe25d5276e05edf02859fd39a
SHA512: 511968294dbb3018a7e97212997de9acd5389c2798eb6b3c509bce3f0d2b99d98c512632fe8a61a8b0cae81cd3da649f273fa1e08309d4708c0ba29324a0c667
Score: 1/10

Target: Trinity tools/Trinity tools.exe
Size: 2.0MB
MD5: e7b2ec931a901deaf75675100c4ca218
SHA1: c21e278f5dd73d8d7fe40ed143b6bd0f422bcd2c
SHA256: 6858f40193bfb7fb23c1454f39dc931cbd5ecdb7307e42b944b4efa4a3861f1a
SHA512: d8f125ef97d68414173cde8a47fc3206247061549a03fcd639f7befcf9052541f81e463884d954fa86a41143a7fae7436b2d7286648935cf97ab35669919c44d
Score: 10/10
Modifies system executable filetype association
Neshta: Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
Executes dropped EXE
Loads dropped DLL

Target: Web.url
Size: 112B
MD5: 8300fed4499cfe1a8f94ad0425349e75
SHA1: d411c1eb899fe1d23166c4cab33c24826d0e66c5
SHA256: 485e77f2874750613546582c1afd7fd7d883b412a4054871c599bbe45d4a0da9
SHA512: feb7d73519d21e420cf3d13efb3eabedb07f7a0792f8a2b82fa1d18e38b6d1d2ad619f98f8cac863dd73106ac06db6acbb56a29372f71e0839b1703cddbfcfff
Score: 6/10
Adds Run key to start application