Overview: Score 10/10
Static
Invoice-06-0922.iso (windows7_x64): Score 3/10
Invoice-06-0922.iso (windows10-2004_x64): Score 3/10
1204.ps1 (windows7_x64): Score 1/10
1204.ps1 (windows10-2004_x64): Score 10/10
Scan_314.jpg (windows7_x64): Score 3/10
Scan_314.jpg (windows10-2004_x64): Score 3/10
Scan_314.jpg.lnk (windows7_x64): Score 3/10
Scan_314.jpg.lnk (windows10-2004_x64): Score 10/10
x.txt (windows7_x64): Score 1/10
x.txt (windows10-2004_x64): Score 1/10
General
Target: Invoice-06-0922.iso
Size: 442KB
Sample: 220602-zpsslsbeh5
MD5: 0a9cd4404ef6392b4946e759e2dfb4c7
SHA1: 024fdb8e0fe1ad9cf62fb4c4ea8fe7ee830bd5f5
SHA256: c3a06c5448869d4f136f1c15926ec4b2df48993fb86f3bd5dd4a69afbe3d46e4
SHA512: 2a6033a56993b563adabe903f084d003ad759431aee62d100759705b9034aae6175629b5d7637f44311bf804b32b6922d09d0cc459cd814a15f02c794bfc494e
Static task: static1
Behavioral task: behavioral1, Sample: Invoice-06-0922.iso, Resource: win7-20220414-en
Behavioral task: behavioral2, Sample: Invoice-06-0922.iso, Resource: win10v2004-20220414-en
Behavioral task: behavioral3, Sample: 1204.ps1, Resource: win7-20220414-en
Behavioral task: behavioral4, Sample: 1204.ps1, Resource: win10v2004-20220414-en
Behavioral task: behavioral5, Sample: Scan_314.jpg, Resource: win7-20220414-en
Behavioral task: behavioral6, Sample: Scan_314.jpg, Resource: win10v2004-20220414-en
Behavioral task: behavioral7, Sample: Scan_314.jpg.lnk, Resource: win7-20220414-en
Behavioral task: behavioral8, Sample: Scan_314.jpg.lnk, Resource: win10v2004-20220414-en
Behavioral task: behavioral9, Sample: x.txt, Resource: win7-20220414-en
Behavioral task: behavioral10, Sample: x.txt, Resource: win10v2004-20220414-en
Malware Config
Targets
Target: Invoice-06-0922.iso
Size: 442KB
MD5: 0a9cd4404ef6392b4946e759e2dfb4c7
SHA1: 024fdb8e0fe1ad9cf62fb4c4ea8fe7ee830bd5f5
SHA256: c3a06c5448869d4f136f1c15926ec4b2df48993fb86f3bd5dd4a69afbe3d46e4
SHA512: 2a6033a56993b563adabe903f084d003ad759431aee62d100759705b9034aae6175629b5d7637f44311bf804b32b6922d09d0cc459cd814a15f02c794bfc494e
Score: 3/10
Target: 1204.ps1
Size: 296KB
MD5: 8a6d292fdd55ddb97fd2df336f66cfbb
SHA1: 348401596d0b44faf930787380e146cb5f57795f
SHA256: bac3ed96090fb8ceed04adef4857bb8fd50b49ed65655f688e06d207f2daa3b8
SHA512: c0dd1b85b19a2f969e4ad9948ef195ba7e5246ce5b45eb27b17c98accf9daf1004b595d3fa0f753cb98ebceb2e5b1bed6b22a31abd69e1467d0b78b3b1374055
Score: 10/10
DoubleBack x64 Payload
Blocklisted process makes network request
Target: Scan_314.jpg
Size: 88KB
MD5: f9b2333cc7e93568486a672225f2dd69
SHA1: c0143893cd2461fb2dc2c84330c1bf469dc93c34
SHA256: 7e3875bf31005d9d352d9b029e4364df19dccf6c77f16539ca974f224a30347c
SHA512: d30732aba584782ef2783f388ca9183f9c4b02ec6b3e8741a91fae152f2bae19b655a53d19fc2cdbf85a0da3621d0de6c50129435b6ba937a083416d2d22c7f1
Score: 3/10
Target: Scan_314.jpg.lnk
Size: 1KB
MD5: a43cd61911f636d590eb9a5edfc4777f
SHA1: 419c382c0311691ee2ba00537d640500d1896366
SHA256: 6ec963361dc22ff695854bbb3838856d78c1aef73ea07fc855b6d82b57ca51b1
SHA512: b8889b2f6cde2f85bdcdbe7f529bcdfb6637ec7b29c8f0d1198e954467fb404e1441195942abdb6029bdad5a224628fd05d8f6f8fe0431eb5d9bd13d2e2d7958
Score: 10/10
DoubleBack x64 Payload
Blocklisted process makes network request
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Target: x.txt
Size: 288B
MD5: 693cfc31ac4238d88de56ed5cc0241f9
SHA1: 6d13fb459f8e98b0f2809b0ddbf31324f02a04bb
SHA256: a128e719e7c92826212941176d93c6373c306d8b924a8a932be23d902d6e8577
SHA512: 747e9a9a26bb2668be184e08f640aeeb89525ea1b549bc437974b7e9106bcc809c3b06a6905e458daee9ced8ecd4ad70677ce6b3e19f56fa8ec042657d3107f9
Score: 1/10