General
-
Target
DHL-Official-Returned Document_Details & Forms for shipment_Monday_03_10.exe
-
Size
439KB
-
Sample
221003-jzzqxafhen
-
MD5
4bdca6f10a1373637dd801a75fc1f81c
-
SHA1
3e1c99df19444b2441add587488d08d104b1f0ce
-
SHA256
c4d1c39814d1e2d2aff5e0bd608585c6ff9c932c3480d73eb30310cf3c4be029
-
SHA512
ef265050be955af1cb9ad3f811135c4c47c95ed1f1ca6f8aaa1ec2940452d53c1e923a85c38a5bca9efe402782c85e4e7e992acacfac02b2bff23559dd69d9aa
-
SSDEEP
6144:1wdzgWHDaQSfwCnF3a44NPaQkodOEisSAv++Ki:AtsfJ3kaQlOEijw8
Static task
static1
Behavioral task
behavioral1
Sample
DHL-Official-Returned Document_Details & Forms for shipment_Monday_03_10.exe
Resource
win7-20220812-en
Malware Config
Extracted
formbook
sfku
schwarznaeher.net
Targets
-
-
Target
DHL-Official-Returned Document_Details & Forms for shipment_Monday_03_10.exe
-
Blocklisted process makes network request
-
Loads dropped DLL
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-