General
-
Target
SecuriteInfo.com.Win64.TrojanX-gen.12769.19216.exe
-
Size
444KB
-
Sample
221124-cy53zabf38
-
MD5
cd2f268903f9f40e2daa1c867cd814e9
-
SHA1
a84269aef1bbe3ee773501514676031f85bca7cd
-
SHA256
cacae6414253adb53f45fdde77f42642cd773f2eb6061c2dbc9a2abbf095b90a
-
SHA512
3ae4370a20b099e322308bee9476d94cfbe97110ebc6d3fe805fef83c6d90ece17b1d4cdde5d9409a7dd24cd75b7773725aa331359b4fd6f777a0d75ae03fa91
-
SSDEEP
12288:RP37aKSQW3KDZ8Wi5jWGvJdUIM/assGkwFPB7OIgcA9KqFl:J7aKS7n5/pBzLoPB7OrcWLj
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Win64.TrojanX-gen.12769.19216.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Win64.TrojanX-gen.12769.19216.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
formbook
t5ez
v+YaDdg/udazyV4Iyw==
MXDNPIhw1/8BP0Ud2fguBRZ/8nF6wQ==
WsTRjsGfK1Wt+wjFRn9mBQ==
TrAv42rPyfBfhpI=
2FrznhJCG6bpCgm9+n/Xq0cr
phy0dqeRgaeZzcuciHGgrkeVQw==
DIYHd2O24QEB
wVbxr0eqbQZMc4xwQF1W3NdmR2Xc
ncsN3VitpSp18jvXswKeJeQKA1DW
n/FT0RVVULr7fMV0Ykb8ztU=
OET6wvfsbaGp6O2/Rn9mBQ==
2Rb8gNoGR5GEwAeUhcs=
wR8Fc7imd8/3cQeUhcs=
rMZ/VOtX0kR/yV4Iyw==
9YIUqO7RR4iL5Cffi994
03AHmeAX+2F85Cnfi994
9QbOseAK0/c4SGJW
S1EDywDiYofETA==
ivZm1wDWR2hgAEFURn9mBQ==
D2pe4DygKUJKoLidIuwJo4PiKGhyZLPc
lsi2K1iDFzR6/DpQRn9mBQ==
/zCo4+eL8kJ1yV4Iyw==
1kfBY+RBCT1m+VwZZPOVI6t8wA1HczHT
81hmC3Ca42HdKTbfi994
W4xRYXEE9PBfhpI=
siA43PTcU3xs1CPfi994
0zsdmgMSG3XVIzrfi994
pTbHWY63jr+yAhPiTwr+pWz7O4yIxw==
40Q5rOnbvvBfhpI=
WETydKdfads=
8pAcmjWaC3rtLzTfi994
FaZOEEM/hoOxRg==
4ULAPIZ512Gu5W8a0g==
jwQOo/zas9opMUVQRn9mBQ==
2TKVUoL4B4fpHjbNRn9mBQ==
2kDERo173/XeEB/Li2SKGA==
SpL+hsz60RpBxwX+i0w2wElmR2Xc
OnrLSbomEWWTvQeUhcs=
pLp4Yq2dAYU4SGJW
UXs9ZFSNhN44SGJW
1z6sHLQho6+a9ENQ47HKrkeVQw==
70IFzFKAzleiHG0ahqvDjEkUSw==
TaSBagBq5UJ8+kgFvdcFz9MeTUNHczHT
ib2enpa24QEB
81C0oAh7BHmvLoI8+QP2cjeC8nF6wQ==
8/ixkr/ovvM4SGJW
drytJ25jZp2m6PrDMyhACg==
zUjbhwt3cPFmuweUhcs=
pPZe9mWJWb/EGGHHEXX+jEw1
pP7jRswuOb8ovC3tZcZw
DEicjM21q/t27kYRBxL6y9U=
i9Ez3NII0vc4SGJW
YZ9vOVxK0R1KhR7nJ8Q=
7nXra6S24QEB
9oa3ksDptus4SGJW
e95lEZlG8jEc
Y9XSXM1DwRtMeoBA9+QBnyXt8nF6wQ==
QWOEKI3lBrQ4SGJW
qdRvL0cmBrU4SGJW
beRsKEx5zCVxyV4Iyw==
8F5azgPlvh9iXm1NxX5w
HVEX5Gqc8xUJPVJVmoepYTCDQQ==
gA4r3GvUO5ejyV4Iyw==
tfBCGkQZ42OmwsWUis1zGK49eYk=
darkchocolatebliss.com
Targets
-
-
Target
SecuriteInfo.com.Win64.TrojanX-gen.12769.19216.exe
-
Size
444KB
-
MD5
cd2f268903f9f40e2daa1c867cd814e9
-
SHA1
a84269aef1bbe3ee773501514676031f85bca7cd
-
SHA256
cacae6414253adb53f45fdde77f42642cd773f2eb6061c2dbc9a2abbf095b90a
-
SHA512
3ae4370a20b099e322308bee9476d94cfbe97110ebc6d3fe805fef83c6d90ece17b1d4cdde5d9409a7dd24cd75b7773725aa331359b4fd6f777a0d75ae03fa91
-
SSDEEP
12288:RP37aKSQW3KDZ8Wi5jWGvJdUIM/assGkwFPB7OIgcA9KqFl:J7aKS7n5/pBzLoPB7OrcWLj
-
Blocklisted process makes network request
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-