Static task: static1

Behavioral task: behavioral1
Sample: infected.zip
Resource: win10v2004-20230621-en

Behavioral task: behavioral2
Sample: Incidencia-Declaracion_6sgtf.zip
Resource: win10v2004-20230621-en

Behavioral task: behavioral3
Sample: Documento-@_Incidencia-Declaracion.msi
Resource: win10v2004-20230621-en

Behavioral task: behavioral4
Sample: RE 01850669.msg
Resource: win10v2004-20230621-en

Behavioral task: behavioral5
Sample: image001.jpg
Resource: win10v2004-20230621-en

Behavioral task: behavioral6
Sample: image002.png
Resource: win10v2004-20230621-en

General
Target: infected.zip
Size: 3.1MB
MD5: ed173034fcbfce973004a5df16cc23b8
SHA1: d3466332928236fd7e40f830f67f9c09a283eb33
SHA256: 91eb973a8bafa8cb19d6adc7dae4e547314472bfb48869cceccb2fb926280d94
SHA512: 5882a5b36bbb59d69bc7d3ffca22c383ef4394b282cdb444fdeed3c6692d712f8d5fc03f6ffd66a1e6bc951082b6a16321414e7f11e0e746823a2c19b5658203
SSDEEP: 98304:TQDT4oks464/7yLyxMk1OM32nN2Bs6PMVWCXFIjLYv:TQDT4uwymxPanj6PMVHh

Malware Config
Signatures
Files
-
infected.zip.zip
Password: infected
-
Incidencia-Declaracion_6sgtf.zip.zip
Password: infected
-
Documento-@_Incidencia-Declaracion.msi.msi
-
RE 01850669.msg.msg
-
image001.jpg.jpg
-
image002.png.png