Resubmissions

22-09-2022 17:11

220922-vqfr8afgdp 10

20-09-2022 11:34

220920-npqsgachd6 10

General

  • Target

    ffea36eb362bd7a6e654afb51fc067931e46e4e6d54f5a4e2159a9c51c3f1f7c

  • Size

    159KB

  • MD5

    b5c6ac787feb4612d8ec375ce35b6a7d

  • SHA1

    2425ebf40b339d9f32aef1122aa2e832c8d51bd6

  • SHA256

    ffea36eb362bd7a6e654afb51fc067931e46e4e6d54f5a4e2159a9c51c3f1f7c

  • SHA512

    1a9c843067bd3ea7d264a16ebcc7d1fdb57c25e3a3ec0e0bf0ea85272224b0286a09a3c68fc38f40bd81af1b9d9038de90b432e2507f5c0404108cc73f698061

  • SSDEEP

    3072:Um/E8k9ZjpIL+zNch12KbAwSaSbJSp8Bb8EG:N/E8k91zz6/t88EG

Score
10/10

Malware Config

Extracted

Family

marsstealer

Botnet

Default

C2

mars.haksanlogistics.com/gate.php

Signatures

Files

  • ffea36eb362bd7a6e654afb51fc067931e46e4e6d54f5a4e2159a9c51c3f1f7c
    .exe windows x86

    4e06c011d59529bff8e1f1c88254b928

