General
-
Target
07b39ffa07fb6be0bb14b3804d0d842b7e7b9287a951ba9a46d415926318fbed
-
Size
130KB
-
Sample
221124-e2gkwscc2x
-
MD5
8413cbe5e4996ae791c58a4b98c02dcb
-
SHA1
726fda1270217da0e70b321c5ab078d411801e36
-
SHA256
07b39ffa07fb6be0bb14b3804d0d842b7e7b9287a951ba9a46d415926318fbed
-
SHA512
eb6f9c24e7bf02962ce0d5aeb5c8fed6e3f1ed843c18a8dcea02775c26e535593c28725581fdccbdf39d5d6fc851909f06b8526fa83c81a061d53f92a7042d4d
-
SSDEEP
3072:3tYgtwCu+a9MMTb/OTlrjmPl3XymSPTTW6ulFoQea8OOB:VJa9MMf+m9nCTGkK8PB
Static task
static1
Behavioral task
behavioral1
Sample
rechnungonline_telekom_000002920019_2014_11_43726700032_de_003938289_027.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
rechnungonline_telekom_000002920019_2014_11_43726700032_de_003938289_027.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
Target
rechnungonline_telekom_000002920019_2014_11_43726700032_de_003938289_027.exe
-
Size
176KB
-
MD5
13997ebf7af8d37dda6697ac03f76cc3
-
SHA1
9be2bcd498406bdfb05f860ad726273c4a7b4f3a
-
SHA256
11ecf58db103eb2ded5b942f303d48b5d77e336b8edfe335fa7b81264d1f50ef
-
SHA512
2894ef41ec784fb39ec663ff8ca5fa8c0ebbd875f95f6e2b843c8bca59d63cc7c43f64df43898290cef31c4b32478819f437fcc4656606d0f7cd4721c735ffee
-
SSDEEP
3072:rGwR1qmB1TQgHtMF5a6I4Ya5Tlrjmvl3XymSPTyAAwoc9+IkMd+zr3/1C:7KLa6I4x3mdnCNAwo42M
Score
7/10
-
Deletes itself
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-