General

  • Target

    6809a0bdf06fb9feb48cddbb7336e29948380c333806c45cfaa7c1cdfd6b5c7d.rar

  • Size

    560KB

  • MD5

    5159daf110d779525524ca534c7ead49

  • SHA1

    264162616a60510c240f08f776d0d3c34c1bd882

  • SHA256

    6809a0bdf06fb9feb48cddbb7336e29948380c333806c45cfaa7c1cdfd6b5c7d

  • SHA512

    7b2346fcb543ed9a9ba2d7fa69ecb2cab959909193cafc536fc3cbcf26737968b8527ee34cf4241eb3dd809db044c7bf0838472f1483d7922112336391b62ef8

  • SSDEEP

    12288:JXm61C1gZcRRhc7Z9s6+TCtfZUfcHTNiaxpzV/Jgi:J20XImjs62Gff7z9+i

Score
3/10

Malware Config

Signatures

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 2 IoCs

Files

  • 6809a0bdf06fb9feb48cddbb7336e29948380c333806c45cfaa7c1cdfd6b5c7d.rar
    .rar
  • E-dekont.exe
    .exe windows:4 windows x86 arch:x86

    e9c0657252137ac61c1eeeba4c021000


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/nsExec.dll
    .dll windows:4 windows x86 arch:x86

    20bc9f18cbf0b5fccf1f336a3608e7f7


    Headers

    Imports

    Exports

    Sections

  • Accumulators/whitecup.Lak232
  • Flygtningelandsbyer/Oplukkelig/tildelingsstningens/stafets.tra
  • Melitta/Assonantic/evakueringsvelsers/Jakobskamp/Blyantstegninger.Mum
    .ps1
  • Melitta/Assonantic/evakueringsvelsers/Jakobskamp/Illuminist127.pas
  • Melitta/Assonantic/evakueringsvelsers/Jakobskamp/Sovepudernes.txt
  • Melitta/Assonantic/evakueringsvelsers/Jakobskamp/Sportshallen.lkk
  • Melitta/Assonantic/evakueringsvelsers/Jakobskamp/begrdeligeres.mel
  • Skrvindsels/Bide/Lepidodendron/skriveblokkes.eft
  • Skrvindsels/Bide/Lepidodendron/sljfes.bac
  • Skrvindsels/Bide/Lepidodendron/spirane.mac
  • lokalplanstridiges.str
  • loupen.kap
  • plaustral.bof
  • skoleskibet.phr