General
- Target: bulletz leaked.rar
- Size: 17.6MB
- Sample: 220923-kb3y4ahfcp
- MD5: 1cda3248932591053d37ac58534fc4ad
- SHA1: e9f9c1398e85fa2de115d3de0f8bb3583e275522
- SHA256: 0ff15d42660883e59e4e5f473a6f512c5dd2818d9c7cb970261e91ebb3c00947
- SHA512: 46a4bc7997495f6725ccbd0718022101dd3eafb14c9bbd8aa2cdccc028a47cdd6c926d70f8250fa56f562df0f47db7ad862d302ccdd0cac8f6ce8d75402ffbd5
- SSDEEP: 393216:h7edYgWpDo9VSnsEz+o7iSsy2TXW+azlg488hn/1kikk7aUJoli:hSdY7NQdMsyWqlhh/11vCli
Behavioral task: behavioral1
- Sample: bulletz leaked/bulletz leaked/builder.dll
- Resource: win7-20220812-en
Behavioral task: behavioral2
- Sample: bulletz leaked/bulletz leaked/builder.dll
- Resource: win10v2004-20220812-en
Behavioral task: behavioral3
- Sample: bulletz leaked/bulletz leaked/bulletz builder.exe
- Resource: win7-20220812-en
Behavioral task: behavioral4
- Sample: bulletz leaked/bulletz leaked/bulletz builder.exe
- Resource: win10v2004-20220901-en
Behavioral task: behavioral5
- Sample: bulletz leaked/bulletz leaked/image.dll
- Resource: win7-20220812-en
Behavioral task: behavioral6
- Sample: bulletz leaked/bulletz leaked/image.dll
- Resource: win10v2004-20220812-en
Malware Config
Targets
- Target: bulletz leaked/bulletz leaked/builder.dll
- Size: 1.1MB
- MD5: 8673eae95d67e5eb19f0eca3111408e8
- SHA1: ad3e1ce93782537ffd3cd9e0bb9d30ae22d40ddb
- SHA256: 576d2de2c9ef5bc1ea9bdd73ae8f408004260037c3b72227eed27e995166276d
- SHA512: 65c4eadf448a643f45fa9a0d91497bb25af404c41a3a32686d9e99ba4f4e50783d73f5b13d5df505cc62c465be300746d84a2eaa8000531893cd0b19d6436239
- SSDEEP: 24576:hUsmpWNSUFmCqJPNsTuJDYYviEcHy1t6Y:hSUQWSF8q
- Score: 1/10
- Target: bulletz leaked/bulletz leaked/bulletz builder.exe
- Size: 16.9MB
- MD5: 01a5a9e779cfb17c35133bbdbcd375aa
- SHA1: a1da1c3517aa4a889c4bf47717babdf61afe3120
- SHA256: 165b6c7ee3726a94987d9dc9c245645acc83c923c749569be43317411dbde029
- SHA512: 24654f7447ddd08ab7836c61ca55a0c9d3c26a59c3c40eea4cf1d78919c4c8ad00d0e0b8becf35a1bdc23ee2731805a1697cd347491005d02f0662f9fbccaeb0
- SSDEEP: 393216:Z0XU1WE1FeREWOL2Vmd6m0/m3pz0GzajJBfrSsvEl1Z0hAYg:3jeRayVmdiKDEJB2sMl1ZL/
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Target: bulletz leaked/bulletz leaked/image.dll
- Size: 1.1MB
- MD5: 8673eae95d67e5eb19f0eca3111408e8
- SHA1: ad3e1ce93782537ffd3cd9e0bb9d30ae22d40ddb
- SHA256: 576d2de2c9ef5bc1ea9bdd73ae8f408004260037c3b72227eed27e995166276d
- SHA512: 65c4eadf448a643f45fa9a0d91497bb25af404c41a3a32686d9e99ba4f4e50783d73f5b13d5df505cc62c465be300746d84a2eaa8000531893cd0b19d6436239
- SSDEEP: 24576:hUsmpWNSUFmCqJPNsTuJDYYviEcHy1t6Y:hSUQWSF8q
- Score: 1/10