General
-
Target
a95c7104d028f8980eb66ca489f4c3caa0edcaa9f10c3b29f498dda6d44f65d5
-
Size
157KB
-
Sample
221124-cpgc9aba67
-
MD5
a91e72ad1e0a66331f0467627e6cfc2c
-
SHA1
b43bcddc7288678b0cecbc0735deef29dd58aae4
-
SHA256
a95c7104d028f8980eb66ca489f4c3caa0edcaa9f10c3b29f498dda6d44f65d5
-
SHA512
43e7fca23f6209a435bab3753bf8c579fc4b5538b1c60ab440a66f5cef6ade801eeffe9ee918d6f2a9b09c23b4d52f720022cfae51c55ca4a4062286e9783c9a
-
SSDEEP
3072:KJzykPD8JI8rxUW8hbYU9Uek7KvhhsLOJlzqFskBcDi+vrA4Q:8PDmI8rOW8hRxkihRzqNBcnAH
Static task
static1
Behavioral task
behavioral1
Sample
Mondial Relay - Suivi Votre Colis.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
Mondial Relay - Suivi Votre Colis.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
Mondial Relay - Suivi Votre Colis.exe
-
Size
226KB
-
MD5
cb3d410e74c8ed0c8ac007a5747b678a
-
SHA1
601294ff8a25d831296730de135ce2fe588736ba
-
SHA256
337b7a0119a9512632aa5349449797eff2c569382f220e279bcd595959dc82d1
-
SHA512
1c11c657819134d9fa97e3ed387c9b74c9ed42be8d9e67d9f45ef43b988df6fee82cee076945f23e6604f20d93d2fa3b7dc296459b0f96e42523be5c7988bf2e
-
SSDEEP
6144:JYa2oQoC72vdWAMNZxOdxey8KODF8IvXgV3nhm:JYWRC7EdWAMzQbg8d
Score8/10-
Executes dropped EXE
-
Modifies Windows Firewall
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-