General
-
Target
tsurugihime.exe
-
Size
56.5MB
-
Sample
230323-1b76taac53
-
MD5
556e07b053b09d782627d08bb945def8
-
SHA1
1555dd0f104b8580303acb6143ffb7ef06b281c2
-
SHA256
ef52de89306ffa8d2789dc93ec66cd686da80b51867606a45b1cbede2b1accc7
-
SHA512
cd46badc97e4e81929be9ffc2b7e5059a5025714cd3e13314a8229bb8ccbceac7d26dbbfd7dae41983ca3de08fe9a03a84d278372b1fd81496529035846fe66d
-
SSDEEP
786432:F7v+nGMHGwpylDk63Da9HYhJaImWbjWxsbU1jOgSD1kpcJbAzxd5useld7oWvCM/:WG8pF63OWbjOKUkJ5Azx/AsNJOEMRIU7
Static task
static1
Malware Config
Targets
-
Target
tsurugihime.exe
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-