General
Target: Dork_Searcher_v3.zip
Size: 64.8MB
Sample: 230806-1w72jscd99
MD5: b8b87ac35382afeea0a3d998276924cb
SHA1: ae77d0fb6fd3d74890c7530e473e1336345af278
SHA256: d75f121a4a8febece59348b4e60a7eae1206931b6c1a39e0163cc1fbab65980e
SHA512: 53bfbcb7c19a1fa33be4e27d14207f8ca97d26e8d83fed748137a2496066339e470ec89929eedcc1679efd2cb8930373fc3cdcec99a0a42c7b45ff455fb10f62
SSDEEP: 1572864:dqPPxdoKCV/HgIdNjZ3rdjjsp4UOn7CirarON7DBVb:UPP8KCVfgEB19fdrarORDBVb
Behavioral task: behavioral1
Sample: Dork_Searcher_v3.zip
Resource: win10v2004-20230703-en
Malware Config
Targets
Target: Dork_Searcher_v3.zip
Score: 7/10
Executes dropped EXE
Loads dropped DLL
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
Adds Run key to start application
Drops desktop.ini file(s)