General
Target: MSI_Library.zip
Size: 816KB
Sample: 230206-vvwn8sac6t
MD5: 9b2817afba45df8f9e8c9fd420dbe2a4
SHA1: 515d40aaf0eaff6491a5095c2e5722529e4ab8d1
SHA256: 0ce113c1b27440890f2ed796dab010ae0b2580d7b6c50e7a5ff6fc22d20c65ca
SHA512: 77316a0411cd075404793dd060833be9d468f7551aefa3a147848eed2f022ab0b5b73218194bc737768933c6466264f5f9cd429f7e27daa84178b245ba2c7736
SSDEEP: 24576:4Izh8eWjBqhDS6yRrEwRRSL7SJC6e/NwNMD:4M9tyRYwrSLOJGFf
Static task: static1
Behavioral task: behavioral1
Sample: MSI_Library.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: MSI_Library.exe
Resource: win10v2004-20221111-en
Malware Config
Targets
Target: MSI_Library.com
Size: 656.3MB
MD5: a2971198b5bd1fdc87d0b344b334b79f
SHA1: c83607a626a2940d73538644a2b2575aca832e5c
SHA256: fae9a9a30ee212086fc46f44ebaa6eb6fe68d5badc03d900f1be39683e23bf89
SHA512: bf952142a92ce5fbdde8daaaa7f4c11f2d044c3b5af6e834d5dda29361257e215d637751eb21e60d56b1cb67d51f399ef1c058bd47a1fa60fcfe36aba7f41af1
SSDEEP: 3072:dHyHbsaZZSxHctuuKHtPPj69UC0jIE4/D+jFTUFSxEH/j3z+4xwcFByQNrWTraVa:07GBc8D3XJTsSxgjz+4FZkpOG
Score: 7/10
Uses the VBS compiler for execution
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext