General
Target: Quote1345rev.3.exe
Size: 1.4MB
Sample: 230505-zqvctsgf7x
MD5: d6d89eff8ae95f17795daf44ddc35389
SHA1: a7cf42f11071fe319b4e73203ca8269fb38f008c
SHA256: fb71b9df885463cb148e10ddad2b81ca883ce2dcc0a7739808a3e5d203f9d00b
SHA512: 7228480e71aeca16edbfa221879c931090868eb95a59155520065785573994f201613460c6441861ac2ae575abe74717696fdfc2d14d484310ce723fea19fbc5
SSDEEP: 24576:4AETCN6fdDv7X8E7Rf/vj6ksjurjtBEmDUheyX7TFqktKOpnAxWB:Yw61XNxmkQismIhXNtZpAc
Static task: static1
Behavioral task: behavioral1
Sample: Quote1345rev.3.exe
Resource: win7-20230220-en
Malware Config
Extracted
darkcloud
https://api.telegram.org/bot5955632087:AAGbHX-YygFpBeOiEaTfH9CY-2MMNrZcY48/sendMessage?chat_id=865011046
Targets
- Detects any file with a triage score of 10
  This file has been assigned a triage score of 10, indicating a high likelihood of malicious behavior.
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext