General
-
Target
nancy.chapa-gpj7mC.msi
-
Size
269.0MB
-
Sample
221124-wecf4aad52
-
MD5
0074d21a1a409fcbf14ec0bda00e4d83
-
SHA1
ebfc769d8d6800a5d7429ae9146c95cb6e43fd45
-
SHA256
12bb40a02a534ac740c63a654b60eaf8c6fc286d069103cb1c908fede44f5511
-
SHA512
72c5f7d1f0abd73f9f4765d11e4f1978d2aac168483b19471d46b7567aa0038a19a2afb9f36c44e2e7ae3740b0195f1141fc9fd14e954dbf5e8eda871fef79f2
-
SSDEEP
98304:6P9aeEV9MhPquabU9K+dHud1eF9Z/GJg3Sli2w63OJwSAzP5N7t5Hguj3U+TsgDo:6YezPHd4wOJgEi23OnKNBlrTsgDaE
Static task
static1
Behavioral task
behavioral1
Sample
nancy.chapa-gpj7mC.msi
Resource
win10v2004-20220812-es
Malware Config
Targets
-
-
Target
nancy.chapa-gpj7mC.msi
-
Score
10/10
-
Detected phishing page
-
Blocklisted process makes network request
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-