General
Target: Invoice_Tracking_574759905735853983575835355NVMNBCKJD245.exe
Size: 274KB
Sample: 220919-lxh2gsbdc4
MD5: 324374135914ce8757896f4be3370dd2
SHA1: e246f19b67cbb0ac63606018faed40623473ba2f
SHA256: 13b9cfa2fa9fcd13e989d2914f5933a3d1e210cfd978e8f69b0efd0ecca62ba3
SHA512: 7a60ae44226fa7bce7ac65e87bb8a5ccb1aee622c3ae6d4f52d59d9dcbba5a7e43557547ddb4cae77ed6cdcabed4c6a93259148525464ab303400c73f9545faf
SSDEEP: 6144:qumELYtgl0Ff3L5gaRPz7A63fgECLRTyC/8yxuE3Tud6aFuzRWfoTG:qrELYtguZ1A6vgEevY8LaFARWfL
Static task
static1
Malware Config
Extracted
formbook
f4ca
mettafizzix.org
Targets
-
-
Target
Invoice_Tracking_574759905735853983575835355NVMNBCKJD245.exe
-
Blocklisted process makes network request
-
Suspicious use of SetThreadContext
-