General
Target: SecuriteInfo.com.Trojan.DownloaderNET.345.21626.32453.exe
Size: 684KB
Sample: 221208-y9jj1abd59
MD5: 0379ae001c1c573492d6691c94d2a540
SHA1: f92b3c78bb2170074ae40f92743432ef10d55f06
SHA256: 7fa778a38b6adbec2ed8ca4e50d2971c4f135c1bf3b7c24a9adb8f86d3ad2ec5
SHA512: d1137357639c3c55460cde25047a4f9706c5ab6501b996cff0ffc30468d4f534da9433218d0a7a4b1c7c2badaf3e44e786443c0b9543b0cc7868f19d28257658
SSDEEP: 12288:Zrl405A0lVmc7QFRj+ppGLVXcw1916s5cIGdbT0POkCU4H011Q+T3l+zj:BplVTE/9KC916s5cIMkCUFqC3wzj
Static task: static1
Behavioral task: behavioral1
Sample: SecuriteInfo.com.Trojan.DownloaderNET.345.21626.32453.exe
Resource: win7-20221111-en
Malware Config
Extracted
formbook
4u5a
needook.com
Targets
Blocklisted process makes network request
Loads dropped DLL
Suspicious use of SetThreadContext