General
Target: nudes.scr.exe
Size: 55.2MB
Sample: 231221-v11kdadgc3
MD5: 4797f14ef4a490f96479d4ea720e5c31
SHA1: 4f766fe3607ba2b8e5bed172510bb8cc7e7c4741
SHA256: 5b85773c3aaa690e09ea60b802b9c7a628f2e4823f6a945773938d196f601fc4
SHA512: 27e5b5cc4bd600dfb27ca904b55ddcd7f75ac6ae436aaa8b070bb37d41593bf58a032fa7ce905804cc18cae302656294578459f27cfe5d4ea589479aad5c1b14
SSDEEP: 1572864:D2MbiJR5Q3jZ8JSk8IpG7V+VPhqF+E7bwjCSKWQScs:DZbC+MSkB05awFMuSK2c
Behavioral task: behavioral1
Sample: nudes.scr.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: nudes.scr.exe
Resource: win10v2004-20231215-en
Malware Config
Targets
Target: nudes.scr.exe
Score: 9/10
Enumerates VirtualBox DLL files
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Legitimate hosting services abused for malware hosting/C2