General
-
Target
Invoice.exe.bin
-
Size
956KB
-
Sample
230505-zj8a4sgd21
-
MD5
ae39d887355354bbe63f6cec19518ec0
-
SHA1
3c87093e3f49d666fec1c7e6c1dcd26527e49e9e
-
SHA256
c88dd07515cb029ada85020dfdc2e20768861c9f3c47855d5b07a62daa3381e7
-
SHA512
409b51659d0105e126351ea02a80b24515123d70426a129eb8b4ec418d095b7a16ec1754ad8a4d8f68c2a7d299d97bb37a56badf3ec5e09fab5a2ea6e576e823
-
SSDEEP
24576:5m0/34HuosqDIdxe/KhMangc1iO3+zXPqcT:MsIHVsqDCXnK2+zXPq2
Static task
static1
Behavioral task
behavioral1
Sample
Invoice.exe
Resource
win7-20230220-en
Malware Config
Extracted
darkcloud
https://api.telegram.org/bot5747177798:AAGv5MNvuUjtsZ9QlXMkdP6QssoMkGFSw6s/sendMessage?chat_id=805410216
Targets
-
-
Target
Invoice.exe.bin
-
Size
956KB
-
MD5
ae39d887355354bbe63f6cec19518ec0
-
SHA1
3c87093e3f49d666fec1c7e6c1dcd26527e49e9e
-
SHA256
c88dd07515cb029ada85020dfdc2e20768861c9f3c47855d5b07a62daa3381e7
-
SHA512
409b51659d0105e126351ea02a80b24515123d70426a129eb8b4ec418d095b7a16ec1754ad8a4d8f68c2a7d299d97bb37a56badf3ec5e09fab5a2ea6e576e823
-
SSDEEP
24576:5m0/34HuosqDIdxe/KhMangc1iO3+zXPqcT:MsIHVsqDCXnK2+zXPq2
-
Suspicious use of SetThreadContext
-