Overview
overview (score 10/10)
Static
static
Invoice-06-1022.iso
windows7_x64 (score 3/10)
windows10-2004_x64 (score 3/10)
1728.ps1
windows7_x64 (score 1/10)
windows10-2004_x64 (score 8/10)
Scan_282.jpg
windows7_x64 (score 3/10)
windows10-2004_x64 (score 3/10)
Scan_282.jpg.lnk
windows7_x64 (score 3/10)
windows10-2004_x64 (score 10/10)
x.txt
windows7_x64 (score 1/10)
windows10-2004_x64 (score 1/10)
General
Target: 6d63c7a6-189a-486a-8fed-2bafc6784163.zip
Size: 124KB
Sample: 220602-1jcpwabgh5
MD5: 546b7557b6cf548a0b4979ae0a60c896
SHA1: 19970bdd324107c487156393b58ab773bbc447f6
SHA256: 8ea25999fe93b84c817faa74af0ad94f0c0064d8e28fba5fea17665c38695430
SHA512: 10ffc893ff5f4692da67c10d5cae7bd1a4d6cecc8904eab631c710397427c1311fe65d019f343126062f10d6feb4916f6f1ff8e067306032f14ef769a14278a2
Static task: static1
Behavioral task: behavioral1
Sample: Invoice-06-1022.iso
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: Invoice-06-1022.iso
Resource: win10v2004-20220414-en
Behavioral task: behavioral3
Sample: 1728.ps1
Resource: win7-20220414-en
Behavioral task: behavioral4
Sample: 1728.ps1
Resource: win10v2004-20220414-en
Behavioral task: behavioral5
Sample: Scan_282.jpg
Resource: win7-20220414-en
Behavioral task: behavioral6
Sample: Scan_282.jpg
Resource: win10v2004-20220414-en
Behavioral task: behavioral7
Sample: Scan_282.jpg.lnk
Resource: win7-20220414-en
Behavioral task: behavioral8
Sample: Scan_282.jpg.lnk
Resource: win10v2004-20220414-en
Behavioral task: behavioral9
Sample: x.txt
Resource: win7-20220414-en
Behavioral task: behavioral10
Sample: x.txt
Resource: win10v2004-20220414-en
Malware Config
Targets
Target: Invoice-06-1022.iso
Size: 296KB
MD5: 8e587660e5777ca12b72d46c88974db0
SHA1: a874bf87883d194ffee7629b5aff023dbfc53cc3
SHA256: 867bdda02963b8226378c1d9c7fd01c951b6410a20a054e1fc470bfd2139b1a3
SHA512: 65f30cee14049df3eb34af6654b2eee6984fb2a2e8a32a4441972934a797a16f5696fdc240e39d1a314ad0047abf9d7486301a5814692b5f15c90253944ed6f8
Score: 3/10
Target: 1728.ps1
Size: 150KB
MD5: 732ac4665887f90ad5d320f0e462fce8
SHA1: 31cb6f21e3d2f50713163163d665053f83bb5bb4
SHA256: 3efec0b370dfacba1d8a2c9e8563441c6da54ae03925f3f845284d4ea9750731
SHA512: 8ec4408765d152108981b68a76c42a352f9c623d74220bbbce392500cb8e618a0bd4ac6e2f05057f8520d195d64c38a834facf5cfcf168546b68e4b0287dd849
Score: 8/10
Blocklisted process makes network request
Target: Scan_282.jpg
Size: 88KB
MD5: f9b2333cc7e93568486a672225f2dd69
SHA1: c0143893cd2461fb2dc2c84330c1bf469dc93c34
SHA256: 7e3875bf31005d9d352d9b029e4364df19dccf6c77f16539ca974f224a30347c
SHA512: d30732aba584782ef2783f388ca9183f9c4b02ec6b3e8741a91fae152f2bae19b655a53d19fc2cdbf85a0da3621d0de6c50129435b6ba937a083416d2d22c7f1
Score: 3/10
Target: Scan_282.jpg.lnk
Size: 1KB
MD5: 371924fdfffd4ca69857e94260c34a74
SHA1: 2a1dc23c24010a8b5ef3b512ea3e3c6d2f52a44b
SHA256: 801086851a46749a95efc050102fb85b761c0ccb191dfd29ff39c6b7cacb6292
SHA512: f9cbf21c27cf3473a2b73141dfd728d9d8824d20afc24f4b4b93ca5bf9536bd594c7a6d4100be2a2fc9c8e4b85b9dcf9797f61f60267128ea31cb44bfb43aba0
Score: 10/10
DoubleBack x64 Payload
Blocklisted process makes network request
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Target: x.txt
Size: 287B
MD5: 50e8bafcb14799325c797c98d6ec21c8
SHA1: f2fe6f4bb60c323983f3be5a68e5c8e63a283c20
SHA256: 6506bc481aa044cb2c1467e432a37e8eb8856f6854e8c80ba814204b45726559
SHA512: 1f2f0acc38a4aef87d51a4d4b342d996eb3a95185741ab4448a20f611368fd1ab30b9fda3361668afd7958cee09a77021cd64c3d25df766abd6dff64a27ea10b
Score: 1/10