General
Target: 21112023_0007_RIRS.zip
Size: 1.7MB
Sample: 231120-tk28lahh3t
MD5: 24b6e579903a10857e0196f49feb5e31
SHA1: 98ed3d2872c169bff4de6bf0e08def4cb6fe063d
SHA256: a13a66488151b47508a2dd043f8010ad91b96638c0b1a6f83ebbb82c4cb4fc5e
SHA512: bc388dcca844c2839c128313df5b9f44734e64d009e0749010413904372c4d3635f701bd8e341433740aab1b1c8005df9648ed6bdf83cc87b1ed9ceff060e8f2
SSDEEP: 49152:iUWY2+P3eKWjZg+/TkCDAFWMpzTVg2jW+Kr0DKBXIeX5jY:ie2+PuKWlg+LunpzW2yDrCWvs
Static task: static1
Behavioral task: behavioral1
Sample: RIRS.dll
Resource: win7-20231020-en
Behavioral task: behavioral2
Sample: RIRS.dll
Resource: win10v2004-20231020-en
Behavioral task: behavioral3
Sample: launcher.bat
Resource: win7-20231020-en
Malware Config
Targets
Target: RIRS.dll
Size: 2.5MB
MD5: b668a71aa710b1f08ea5ab5db97e89a4
SHA1: 10fc0ffa4850f290d72753129bbdac4369beffed
SHA256: 13b18fd073da904d326ad0b54281447a4a1c05678c8d2aa6361fa7f84e95e646
SHA512: bc9677764290e6fb4a4f912bc70fff9e3e284ccade96f8e14b95e9a36cb3129662d8f21c83fb847497f98d3ad529a6f22e1d67b8f8885d64d404ea69ed638455
SSDEEP: 49152:921mU+j4kNwzaKPvghxk1CPwDv3uFmAVpzCTJueu+FNRdonOMyDWgEjGmH9g:9218wzakgDk1CPwDv3uFmAVpzybFNRKy
Score: 3/10
Target: launcher.bat
Size: 58B
MD5: f627a4b4c2c27385f8f82152aa576808
SHA1: a8d71fc8958dda6dea7165c46721061bd659da81
SHA256: 4f2b4b4a37ccd633ee482dba7190ef279d53d103cdb14bbf1d0cf3cf60cc2a1f
SHA512: e9c1a0f88ad85199f63224142c35309fb0a15ae3d696706f8eece9e0026533068351fe8d7f3f9ea928ef590ac71c9bf81f887c70a214d3236271b7e01aba1e2b
Detects PikaBot botnet
Suspicious use of SetThreadContext