General
-
Target
2ae853f0b83d3dffeaf192cb3e64209ad52bbfd5f0c41f85f1e1cea7217e3dc4
-
Size
1.1MB
-
Sample
231016-tmwtlaab41
-
MD5
e8edf6671952bf5eb4bfefd587ce565f
-
SHA1
304254da810f4a1d1ce4377c7e71b3c3d5f2ce4e
-
SHA256
2ae853f0b83d3dffeaf192cb3e64209ad52bbfd5f0c41f85f1e1cea7217e3dc4
-
SHA512
1bbd29839d35f78594d74097b46379fe4812c238ea65760301b01454b32e3600f68901bef18b495047d48d3301d77767395d71feb150848882aa97aa42730189
-
SSDEEP
24576:8AzEz9lPbnRQbenR3QzJwTIadRFD3YPKzJ7vFAjP/FrcBb/rq+T:8h5RLTBQNwTIalYPO9F8P/FmbzqK
Static task
static1
Behavioral task
behavioral1
Sample
Birdman/Birdman.dll
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
Birdman/Birdman.dll
Resource
win10v2004-20230915-en
Behavioral task
behavioral3
Sample
Birdman/TZZ.pdf.lnk
Resource
win7-20230831-en
Behavioral task
behavioral4
Sample
Birdman/TZZ.pdf.lnk
Resource
win10v2004-20230915-en
Malware Config
Targets
-
Target
Birdman/Birdman.dll
-
Size
1.8MB
-
MD5
ec8db58467d8e2e2221635c592fcca1a
-
SHA1
e0215d156d2dc59b6259fd5ff792dc740626c8fa
-
SHA256
aebff5134e07a1586b911271a49702c8623b8ac8da2c135d4d3b0145a826f507
-
SHA512
5aaf241388dbb343e059af4a0cfd4d7507189f0c94f415ba9b9d87791e5f2bf81a780f73e2bbc8bb39f90edc779987eb422192fb3facb4c0dae78c140cacb787
-
SSDEEP
24576:FSfBk+9Zl7pC4HE+Y/lU/Z46vVJkWuQpJ53am1u46FxVDmdVxoejIF4UAVddHctD:6kFhgJ8m1u/CVxodFSfd+WC9J
Score
5/10
-
Suspicious use of SetThreadContext
-
Target
Birdman/TZZ.pdf.lnk
-
Size
1KB
-
MD5
54801c419cd1468e340604dd320223d8
-
SHA1
413c08277d29c965fb667a83af76d453004a15ed
-
SHA256
d57082ddb6cffaa1b6ad658bba6d79f958a7ea8afbd1f4e1ddfdddb4a7145961
-
SHA512
55a2e1d83e094c8b527ef782da54daa7863f4f17dc9213b1192359d550cbb6f7dd5cc24412ba3a72a7d405df9c2c58ba4d1f64cc640775bb82777840d0b8e6b7
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-