General
Target: DHL Shipping AWB Documents.exe
Size: 936KB
Sample: 230502-nq5ysacg3z
MD5: da4b64c9b99a099fc8f1e776a51c89fb
SHA1: f978f04c41cd2a4595a162217f32f86700715428
SHA256: 122c811019fc78d9c872d90ee4b7d21d923a6539980bc30f9d246b0b66003642
SHA512: c1541db0511d28f0c791a829d63325a895528d8d427581375c80d1238ecb9e09ff360357d442cd4eb499cd7cbc3f689cdbc1ad3ea8f9205df9d68d50ca305b98
SSDEEP: 24576:yS1t1zQwT6Qrja6XIgwXL5xpvtkOsHzdkVs4GH:1ZzQk6QrjAlXrAz2Vs4o
Static task: static1
Behavioral task: behavioral1
Sample: DHL Shipping AWB Documents.exe
Resource: win7-20230220-en
Malware Config
Extracted
darkcloud
https://api.telegram.org/bot6220925905:AAFbd3Et4YQi4C1WTvNkPbMsAOdz5c8giT0/sendMessage?chat_id=5463149861
Targets
-
-
Target
DHL Shipping AWB Documents.exe
-
Suspicious use of SetThreadContext
-