General
Target: OrdemdeCompra.exe.bin
Size: 1.0MB
Sample: 230505-zphbwaeb93
MD5: c041ea1db65b15853616addc268a5342
SHA1: ff86b0e7c04739835f043da76dca91f8e49351a9
SHA256: 55182f40b8372c9d9b9f8d5d59ce387b19acb5e355af6a40a6bfbb0bf64bd31f
SHA512: 85201389170c4fe57d55a3e8b4e9cacecd13bf954ebd3659dfcbe957c75bf227173aa3d2d6f45e852973ba69ff7c582f7000bf66a8f20f5b8fa0dcec1cd95d39
SSDEEP: 24576:yjCFyy3LuJCKhieUHU03chggmYBKtBp6F:yyyy33GinHC/dBKt
Static task: static1
Behavioral task: behavioral1
Sample: OrdemdeCompra.exe
Resource: win7-20230220-en
Malware Config
Extracted
darkcloud
https://api.telegram.org/bot5747177798:AAGv5MNvuUjtsZ9QlXMkdP6QssoMkGFSw6s/sendMessage?chat_id=805410216
Targets
Target
OrdemdeCompra.exe.bin
-
Suspicious use of SetThreadContext
-