General

Target: batman1.zip
Size: 216KB
Sample: 231208-m8mdqaba46
MD5: b86406aa385d641e99a64c1d4e0dc762
SHA1: d971b22f4ad60d4cc0bf301e933076df31c84bd0
SHA256: 19614f57ed86b1305c8e00443ee49f751a62b19df9f1a72f326d939b0fd69e66
SHA512: a1fd42444910c308527f6bf4e030d4df54241cb9108bbcb1724225183f8e645b28f48c0609e87bbc870452a352c2b1978d7edc6c18239413c4ce2529a2f8a8d3
SSDEEP: 3072:jmMgUvmeeVemDanCmC627kNRrQayPqmi+QvSsg0uvt+8RdGkU66gr7ZxJq0izUXH:jmMgjeQarfIcSs0pRdlU6zdq0GUXryyJ

Static task: static1

Behavioral task: behavioral1
Sample: batman1.exe
Resource: win7-20231025-en

Behavioral task: behavioral2
Sample: batman1.exe
Resource: win10v2004-20231127-en

Malware Config
Extracted
zloader
TelegramCrypt
AntiAMSIdoc
build_id: 115

Targets

Target: batman1.exe
Size: 323KB
MD5: afdf2fbc0756ed304d1a33083a5f2b0f
SHA1: f3a25627f925390097a64a84ef34c952fe8af036
SHA256: a947c216ea52ce23457b3babb1e1eb6275cabe2150d3995553e4de4b8c3d97f4
SHA512: 1c49e53b21c6cebc7a070667aaf05bc89e1a434270208fb61e54c8d74b8f4f3c70c021567d65e1ae024b16bdddb6f89989434075b9a422f2582d82c861b6ccf1
SSDEEP: 6144:vG9T0nIO6C3XwbT5QOIJSeEY7EkvBeC1G:HIO6TTeO8Sw7Ekv8C
Score: 10/10
Suspicious use of SetThreadContext