General
-
Target
NEAS.b8fd8f6d1b6ba7437b20318b51a58680_JC.exe
-
Size
27KB
-
Sample
231105-w1gmyaaa9v
-
MD5
b8fd8f6d1b6ba7437b20318b51a58680
-
SHA1
46895b3519f2804274c92a52412ee1bef76d89ec
-
SHA256
92ea5fd097a95ccf4d947ddcfa8227eb1ecab8d51b32c0e4a6e89c7c270691f1
-
SHA512
49b2638620f362daf7e783e0c20e07a9a9038743f3b7e0455b78df15c032a4b2d5a4e3c29ce6390a9e69e4b00f3d0016419e06b05ce4997c5154215a32e1d546
-
SSDEEP
384:am7SCFozc/T94Umdjpxq4TqvhyY3Q6oVxYU3llDT64LdAeMvVW:l7Xezc/T6Zp14hyYtoVxYPLVW
Static task
static1
Behavioral task
behavioral1
Sample
NEAS.b8fd8f6d1b6ba7437b20318b51a58680_JC.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
NEAS.b8fd8f6d1b6ba7437b20318b51a58680_JC.exe
Resource
win10v2004-20231023-en
Malware Config
Extracted
sakula
http://www.we11point.com:443/view.asp?cookie=%s&type=%d&vid=%d
http://www.we11point.com:443/photo/%s.jpg?vid=%d
Targets
-
-
Target
NEAS.b8fd8f6d1b6ba7437b20318b51a58680_JC.exe
-
Size
27KB
-
MD5
b8fd8f6d1b6ba7437b20318b51a58680
-
SHA1
46895b3519f2804274c92a52412ee1bef76d89ec
-
SHA256
92ea5fd097a95ccf4d947ddcfa8227eb1ecab8d51b32c0e4a6e89c7c270691f1
-
SHA512
49b2638620f362daf7e783e0c20e07a9a9038743f3b7e0455b78df15c032a4b2d5a4e3c29ce6390a9e69e4b00f3d0016419e06b05ce4997c5154215a32e1d546
-
SSDEEP
384:am7SCFozc/T94Umdjpxq4TqvhyY3Q6oVxYU3llDT64LdAeMvVW:l7Xezc/T6Zp14hyYtoVxYPLVW
Score10/10-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-