Static task
static1
General
Target: guncel_ödeme.eml
Size: 932KB
MD5: 5e03ee399890904929ffd55f90aca72a
SHA1: 507f3434ae23476eddfc8fce0d88f464e7f75806
SHA256: 32c2cad343c9208f4a3fc3781f32211db3c89f76a290b4de6c6559f9393e18b1
SHA512: b3c1f9f99162ffba810c0198342a6dfbae6c8545ac79e03bd68c0a86b6d721730a411b0a354327cae275102c842e38ea6ce6751b5c66377ed19adaa936b0c9dd
SSDEEP: 24576:kEDs60dhvTXM3JepjMlD0UJ0HFZRAI3bN5Nj:kEw/pvUKaI3hrj
Malware Config
Signatures
Files
-
guncel_ödeme.eml.eml
-
40a749e596b281d72c57c18bf5d389d128e47c153244a7c8683d051214ac52b0.zip.zip
Password: infected
-
40a749e596b281d72c57c18bf5d389d128e47c153244a7c8683d051214ac52b0.zip.zip
-
Quotation.exe.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 786KB - Virtual size: 786KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
email-html-2.txt
-
email-plain-1.txt