General
Target: 3b3d7619eb68e228800d9c3f5ac23ee3.dll.exe
Size: 12.4MB
Sample: 230316-kep7eahh86
MD5: 3b3d7619eb68e228800d9c3f5ac23ee3
SHA1: 3007b4cd5ab4d940e2cf9e116134f22deda586ea
SHA256: ae8bce2c950ea683276425246918a82935cb7214d08190d5996e31876208ab77
SHA512: a37c4e9ff41b51803f34f7257a830d54bb50bd73f019e6bde80e86f6ed23660d2d1e3cf0fa695372648bef05175b7c9e41f1a92f9c7e88331ff16d54ed6d6fee
SSDEEP: 393216:jDGjz5THB+jnTTxLH143tmCHbJ/CCGKan9I:jgdTHB6nTTpstHwCI9I
Static task: static1
Behavioral task: behavioral1
Sample: 3b3d7619eb68e228800d9c3f5ac23ee3.dll
Resource: win7-20230220-en
Malware Config
Extracted
systembc
79.137.203.32:4289
localhost.exchange:4289
Targets
Target: 3b3d7619eb68e228800d9c3f5ac23ee3.dll.exe
Blocklisted process makes network request
Suspicious use of NtSetInformationThreadHideFromDebugger