General
Target: p3wrapper.zip
Size: 9.6MB
Sample: 230125-nz99vsfh62
MD5: faa4d1340c466d52b085539c52071a93
SHA1: 7e9b080349901f1a3af5cf6879f30299c071b6a0
SHA256: 035a192cecb0d2aeb8050a4a8ebf8215a43cbf20191dcc603cb1019d202b528b
SHA512: dfa689fd53682c2ebb3a0cdcfbae1b5897319a14156bc4867d7ee1b941fa2308164d85ac5edae795a017919156b0782fe36bcb629b54cc2a5f1923ea05de71e8
SSDEEP: 196608:9ypysPoVTWLKzjyHnXz8x+i+nCv6XL9qEGb1rWQwKvqLPKyj7H0FFX4PwV:g8lVFcnXYxsnI496b16LPd7H0F6PwV
Behavioral task: behavioral1
Sample: net-helper.exe
Resource: win7-20220812-en

Behavioral task: behavioral2
Sample: net-helper.exe
Resource: win10v2004-20221111-en

Behavioral task: behavioral3
Sample: p3wrapper.exe
Resource: win7-20220812-en

Behavioral task: behavioral4
Sample: p3wrapper.exe
Resource: win10v2004-20221111-en
Malware Config
Targets
Target: net-helper.exe
Size: 14.4MB
MD5: 66938c0466b2f359991780e4b7cd0e9c
SHA1: ab99cd7e54472bc77552b63b79b81eef77d5d89e
SHA256: e0954bf1de9f4afc60357d49c5e973a8d0dde1f84b65bd2930296004fa762188
SHA512: b12a37d0d585ec92df015254cbc6e69b4e2beea8b8225dd3c6509b8a479c34702783cbc0bed4145f59f070ff9d4295eeb664382f0b28a9c81808ef3f3f75c877
SSDEEP: 196608:xxKVllbuJB4ioxztVyXYVzjoetLvVuN10RGDePP:jQll5zJVy2zjTtrVPRgeP
Score: 8/10
Executes dropped EXE
Loads dropped DLL
Legitimate hosting services abused for malware hosting/C2
Drops file in System32 directory
Target: p3wrapper.exe
Size: 3.4MB
MD5: 508fa2d8bcc11dd1a6b1c89a9f299e1c
SHA1: 1eb736005acd3a4e6584386adf482aff396a16f4
SHA256: c0ad03bd5865773c2dec0d4c243af995257c394ec4560bba6810744c6ccd4b3f
SHA512: cf7653adec51591be84dd38499d36dc4b3c31f70cc779f6eb789c1490cd1a27562060f3a8e6cfc51fd39e79406a37aa4b3d016d20d367330cc83b6ec92425361
SSDEEP: 98304:MBmtZMBqxuXQ/3hM5cRXH1e+Ni8QDiZ/8PS7KAtJyjHTp1:6m44gXWj1HCjWaaLJyp1
Score: 8/10