General
-
Target
346c907673f63b007141f403f6ae9b888103132b75a1ab056e5898917f8ab28c
-
Size
4.4MB
-
Sample
230805-egwt3sff22
-
MD5
f61e05f96863f1070d3614d2dd6cb4f7
-
SHA1
43aea9068eed04aa2aa44e352e69a5ba9cecc6c7
-
SHA256
346c907673f63b007141f403f6ae9b888103132b75a1ab056e5898917f8ab28c
-
SHA512
61477452f661cc0835f3806ee93f5c42057b57a4505dbb6f1f739935c875857f12fb5d48c385e4b8473a075dfd1684bdb695cd0ef3c376e9a6a808fde7df25dc
-
SSDEEP
98304:ZBGu/ztzM5DBhXBXrkUULWWd7PrTgvvQ069Rmu/sKWBGJx:ZB3/V+DBhXVkUULbPcY35/sKWm
Static task
static1
Behavioral task
behavioral1
Sample
346c907673f63b007141f403f6ae9b888103132b75a1ab056e5898917f8ab28c.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
346c907673f63b007141f403f6ae9b888103132b75a1ab056e5898917f8ab28c.exe
Resource
win10-20230703-en
Malware Config
Extracted
laplas
http://45.159.189.33
-
api_key
d1a05de376c0be1daa56dfb2715c8a0c5df8a111b8b31decc886df1e48db7c9c
Targets
-
Target
346c907673f63b007141f403f6ae9b888103132b75a1ab056e5898917f8ab28c
Score
10/10
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-