General
Target: d3f5f3ba65694d9d52899ab3349785bbc8fdce956a7562e4bfd77c433895ebf4
Size: 127KB
Sample: 221123-p9eflsgd6x
MD5: 8e28a4528b960309d3b3e9f0288d0063
SHA1: 74dff21f26f361a2e5a1e36fdbda38fc4595ccb4
SHA256: d3f5f3ba65694d9d52899ab3349785bbc8fdce956a7562e4bfd77c433895ebf4
SHA512: f792e69f4af2b3f662053c3f5f91f2c45c892d1ba8e2badb30d79c1492707af8dcb84b7c7ac2af4b984b3ca007b135ddcba51d390059d895e138738dc9b22799
SSDEEP: 3072:TM3Dmgi9+OtJU5DL7omZdFlYKsX9X8skc+TZI+hPE:TcqpJkhswTlYKsX9X8VRhs
Static task
static1
Behavioral task
behavioral1
Sample
d3f5f3ba65694d9d52899ab3349785bbc8fdce956a7562e4bfd77c433895ebf4.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
d3f5f3ba65694d9d52899ab3349785bbc8fdce956a7562e4bfd77c433895ebf4.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
Protocol: smtp
Host: smtp.gmail.com
Port: 587
Username: [email protected]
Password: hhaahhaa
Targets
Score: 10/10
- Adds Run key to start application
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
- Suspicious use of SetThreadContext