General
-
Target
SecuriteInfo.com.Win32.PWSX-gen.8767.8779.exe
-
Size
720KB
-
Sample
221128-g928nsge7v
-
MD5
2f1a9826223709d75be19370002f8318
-
SHA1
5d3883d0361f83372f859b319f378cd537ee5ea6
-
SHA256
92d1f9332898d29b815258a651f244ff32296a678b139138df0a80bbb0e553b8
-
SHA512
6f3879194fa4847adc2e908d6ea5f86517dfacdb61bbdca54eeb78b7ba01b02080cba88e9480e3f4905197245e28076dfea84c65386507af1ee58bd07aaeb6ba
-
SSDEEP
12288:gQkKiymD7LxRSnJAyIRASL2jr+8E9sm8LVx4WdoXjenWpJhIn+sCewnJKP2:gQONRSnJAyM5qjlEP85x4moiWpJGn+s+
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Win32.PWSX-gen.8767.8779.exe
Resource
win7-20220812-en
Malware Config
Extracted
formbook
go5o
fS9ce6bj/U7J6Q==
KPSUZUVU42J3IaXPjqsA
cDR9Sz1n2BN9eTutNa2QNg==
POJskuyBUqUdVp2wiI8=
t9gcQ5yNydIfrO4=
9oakDnoh0VXC
o2Z9n/2iYtDFcJ2wiI8=
GLBJZsgVkt3eXZragNJjYiGQ
axuNlck5BkA8plrI
khk2/+G5g43K
Fauoa7FQG6EN2QyITg==
fgaVrOb4mLl1KGNUX6jkXCU=
HQkML53cm6Ae+zIhRg==
TBodPq4E4AJylpZiNa2QNg==
wHghSq49EVU54E8mChOvRi5W3cn3ItLVVw==
rET2JY8u+TgVpzRtRF54Kw==
b0mCXc5pcXHZ9A==
QfuIoOgHl9IfrO4=
87fV+WQT5IKlSnTqmb6SbSMctA==
E+Yg8EqQKJi9XJKVqrA2i9TO78H53I97
LeWeZ50+811sD0hBWqjkXCU=
bPyZY0ld5GN/H1lKRmgmydYQuZuExA==
AJorxbIBwM0aOEAUACYAq7bsdnM=
kmK4G/8W4N04F53/j/V+OagKj3s=
yoe85VGgbYbp9Q==
RvjzEYMiAE0RkZAlUEW1xyw=
7KZWBufulMB8F0pRZXH9HpgGCrj53I97
ZxcsP4Pg7y/Q
8ZwWqJB5PYPI
LtPQ5U70sDU4tuzLDkRuvgzzf+XjIKA=
LchKXNG8SYPI
eggVLIQf8hTMSjmzfseG+SrDa3E=
bxEUqpLITfvWoM/MKoY=
HdSAKTrbmCi85tdKwWB+Lw==
QEVm0WweJVKb4w==
il8YpzvOlbkPJR6mNa2QNg==
8ZA0CXK3Oo7/2QyITg==
hTa9Vowf6DGs1M2Xsvi2bSMctA==
Nd8LI2CzeOhhiYleNa2QNg==
+6pZc6DEXLYNDEnHfpg=
rV6Pc+4HnBmlqWvcdRHjhDg=
aAOicKQ68mpuGYhrn9VjYiGQ
byHN+WL3uVUCF5pYLXY2qanhW2s=
oVj2FDxA0kdA52CsGAFjYiGQ
f0VuN2yEHYKcGttd8OoI
x1fhzaLp/U7J6Q==
oSYRG0luAU4LoJ2wiI8=
0HpzWaxEFkP0Tb+OcYc=
rkZnfqPi/U7J6Q==
QSylwtbvZ72ZSYonpecd
POGQYz0b9VOc4w==
Nc5Obd59MrxFc35fZpzxjjw=
ioQplKY9Bj88plrI
Z/iUov+sY9ZhmpP6qQsUB1c98LQkYL0=
oErD7lsD/wveW1IpRg==
Vhq7aVKdY9vQc52wiI8=
olTu0HTf6FrJ6Q==
tnQDk8o7rgBenB2lVg==
BqSrTy8Dzt0jI47c
Tfz7t524PZkC2QyITg==
32AHHUNa7kYlyQdCmecd
03N6SrhcLU08plrI
BpY8DHfKOcj5emnmiG8IrbbsdnM=
BrGoS7W9TMWQRQkjo+QDWKVPG6EQwg==
thepokecraft.com
Targets
-
-
Target
SecuriteInfo.com.Win32.PWSX-gen.8767.8779.exe
-
Size
720KB
-
MD5
2f1a9826223709d75be19370002f8318
-
SHA1
5d3883d0361f83372f859b319f378cd537ee5ea6
-
SHA256
92d1f9332898d29b815258a651f244ff32296a678b139138df0a80bbb0e553b8
-
SHA512
6f3879194fa4847adc2e908d6ea5f86517dfacdb61bbdca54eeb78b7ba01b02080cba88e9480e3f4905197245e28076dfea84c65386507af1ee58bd07aaeb6ba
-
SSDEEP
12288:gQkKiymD7LxRSnJAyIRASL2jr+8E9sm8LVx4WdoXjenWpJhIn+sCewnJKP2:gQONRSnJAyM5qjlEP85x4moiWpJGn+s+
-
Suspicious use of SetThreadContext
-