General
Target: PRINTDOC-26042023.exe
Size: 1.6MB
Sample: 230430-kalneshb38
MD5: d93c9ba4398fa43ebf524019d9ae0145
SHA1: 665b39e8c3aaf7fbe323eabe200fbd09b3d5a2c1
SHA256: fa683328c33044dc03a980fd332e5634b7498d30659789e103fff5317fb39a28
SHA512: b3dd2745cd1b609bf6576e045355eec6db67b605d583f3a1cd064131f32716910f5ba9bf1ab390567a0af07e2cef3122315da07382c99077bc77586276b2f040
SSDEEP: 24576:P1bMBO5V78tQYqSBzMT4JUkvunQoyfOqmW6VF0lMNH8yb4xsDVa9gmwtUpDdl:PbVeS3MmxVnxUQcLwYDb
Static task
static1
Behavioral task
behavioral1
Sample
PRINTDOC-26042023.exe
Resource
win7-20230220-en
Malware Config
Extracted
bandook
gombos.ru
Targets
Target
PRINTDOC-26042023.exe
Bandook payload
-
Suspicious use of SetThreadContext
-