General
-
Target
3b15e508148ba5ce4b81a242102621ddc2211d0add67b08848e21efe8607e8ff
-
Size
175KB
-
Sample
231208-la4pnsbe7v
-
MD5
e4832c37e76f842e250f9e4ba5e06b75
-
SHA1
23f37f0b0bc6bd27a4292b1631e30fff21bc3895
-
SHA256
3b15e508148ba5ce4b81a242102621ddc2211d0add67b08848e21efe8607e8ff
-
SHA512
8b049fdb6405435e1da218c7d21744c599ecc614def4d99e7622457635f32daf0536a68610f23f8c9a3ca1d492dd08df4a0bb19791b8903d013389e506ef5f27
-
SSDEEP
3072:spLemeTM07RH+Rej3a6BDMua5efCtCgCo8ioXoRz:0LteTL+Rk3a6BDk5UoN8
Static task
static1
Behavioral task
behavioral1
Sample
3b15e508148ba5ce4b81a242102621ddc2211d0add67b08848e21efe8607e8ff.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
3b15e508148ba5ce4b81a242102621ddc2211d0add67b08848e21efe8607e8ff.exe
Resource
win10v2004-20231130-en
Malware Config
Extracted
zloader
CanadaLoads
Nerino
https://makemoneywithforexxs.com/bFnF0y1r/7QKpXmV3Pz.php
https://monanuslanus.com/bFnF0y1r/7QKpXmV3Pz.php
https://lericastrongs.com/bFnF0y1r/7QKpXmV3Pz.php
https://hyllionsudks.com/bFnF0y1r/7QKpXmV3Pz.php
https://crimewasddef.com/bFnF0y1r/7QKpXmV3Pz.php
https://derekdsingel.com/bFnF0y1r/7QKpXmV3Pz.php
https://simplereffiret.com/bFnF0y1r/7QKpXmV3Pz.php
https://regeerscomba.com/bFnF0y1r/7QKpXmV3Pz.php
-
build_id
75
Targets
-
-
Target
3b15e508148ba5ce4b81a242102621ddc2211d0add67b08848e21efe8607e8ff
-
Size
175KB
-
MD5
e4832c37e76f842e250f9e4ba5e06b75
-
SHA1
23f37f0b0bc6bd27a4292b1631e30fff21bc3895
-
SHA256
3b15e508148ba5ce4b81a242102621ddc2211d0add67b08848e21efe8607e8ff
-
SHA512
8b049fdb6405435e1da218c7d21744c599ecc614def4d99e7622457635f32daf0536a68610f23f8c9a3ca1d492dd08df4a0bb19791b8903d013389e506ef5f27
-
SSDEEP
3072:spLemeTM07RH+Rej3a6BDMua5efCtCgCo8ioXoRz:0LteTL+Rk3a6BDk5UoN8
Score10/10-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-