General
Target: Injector PB WIN 10&11.rar
Size: 975KB
Sample: 240227-2tzg3adf4y
MD5: c41ac7ac557d704c620e65da87f59a74
SHA1: c6e28d0bc6659a3d98834d6686f0171d723e172e
SHA256: 76f096d6db67eeba724c32826df38ba2f65c8efd6e4e9d67fc0e91eb218c4b90
SHA512: e5cae39232ed5ee19857cc84b97adbb538f7e4f26b915956f8cd46699b43398a7873d9ca9e48e6efca326c8a73334f510b50bc934c21ecabfcc0a0c05dce43b2
SSDEEP: 24576:iZjImoRgcREoiwzIOOz0D43smKES64NPBGInhYOAf:iZjIpg8EoPIDK43Sd6o4Inq

Behavioral tasks
behavioral1: Sample: Injector PB WIN 10&11/Baca Penting !!!!!.txt; Resource: win7-20240221-en
behavioral2: Sample: Injector PB WIN 10&11/Baca Penting !!!!!.txt; Resource: win11-20240221-en
behavioral3: Sample: Injector PB WIN 10&11/Disini Chek HWID.exe; Resource: win7-20240221-en
behavioral4: Sample: Injector PB WIN 10&11/Disini Chek HWID.exe; Resource: win11-20240221-en
behavioral5: Sample: Injector PB WIN 10&11/Injector PB/Bunifu_UI_v1.52.dll; Resource: win7-20240221-en
behavioral6: Sample: Injector PB WIN 10&11/Injector PB/Bunifu_UI_v1.52.dll; Resource: win11-20240221-en
behavioral7: Sample: Injector PB WIN 10&11/Injector PB/Guna.UI2.dll; Resource: win7-20240221-en
behavioral8: Sample: Injector PB WIN 10&11/Injector PB/Guna.UI2.dll; Resource: win11-20240221-en
behavioral9: Sample: Injector PB WIN 10&11/Injector PB/Loader Koala.exe; Resource: win7-20240221-en
behavioral10: Sample: Injector PB WIN 10&11/Injector PB/Loader Koala.exe; Resource: win11-20240221-en

Malware Config
Targets
Target: Injector PB WIN 10&11/Baca Penting !!!!!.txt
Size: 81B
MD5: 0d5071e86e2422a82f8c2e202f9e2974
SHA1: bc38360ae4f840b5c8ac6e93a3743f079b14bec9
SHA256: 90072956962dd31743b36e7685e8355a7130eab40afb0ef4775f1ef88c0e3c3f
SHA512: 54b317bfb717d1186ed57c65788b106e7e84136f7248528952347b0acd055e92f5666fd484a03f15b5b7b53118cbc3e4f9631f79b77689ec3ff5765842c4f7ca
Score: 1/10

Target: Injector PB WIN 10&11/Disini Chek HWID.exe
Size: 27KB
MD5: dbc4fd754c9208978790d65a2dfd2534
SHA1: 78da73e6bc97dd4654f1ca172b8af7cd7a8f2c5a
SHA256: 56df5bdf5eab089399b36bfd75927fb4b19074f812657aef5067a54bb0c3e223
SHA512: 211d452e298fd4b7f47e7973401e51a76a443303ac9b2acc15fb54e23227f5a2d1f04fcd52c4a1c79f9587c8f66668d900077b825b38d5c54f02538ed6346d11
SSDEEP: 768:qdMKW2j6uFSIkxQQu/tfRXMgd07ZqMVWRZa/E:nKW2Z0Ik6Q8tfTd0NpsZEE
Score: 3/10

Target: Injector PB WIN 10&11/Injector PB/Bunifu_UI_v1.52.dll
Size: 220KB
MD5: 3764580d568e4fc506048e04db90562c
SHA1: e8d2771a4891ad7b751c4ac153f599d7d58ebd31
SHA256: 27c8cea7e793ace737415881a5c16b4e2d98ce46609d272e82c6c905ad2d9f36
SHA512: fdc11be9388034404c9c71a60374486ff15d552bd8e9f7f74ca345e7d40df20dcb992e6d4e7b509e31e53c910e33ed8e275467da92c30193d6fab16934491763
SSDEEP: 3072:UYZOzNgqlPPL42pFzo3tgyGkToR74K5BC6u+QVTNDcHaDDPuD6bl4:UYZYgEr44Fzo3tFIEKiJNDcHKPueb
Score: 1/10

Target: Injector PB WIN 10&11/Injector PB/Guna.UI2.dll
Size: 1.9MB
MD5: aed0276b4fe83e9f315d7f9575513178
SHA1: e19698cb57ec89879039491100ede72e3f25001f
SHA256: 25ab13005a5b8020f86e59dae31728937cf93de879baee7a12c1b32a9530e564
SHA512: fa6ec94acbacf2fb5c286c731bf0ee98575466233bf06d42976106edc47d2b3e92ad4952989148b2ef92323e58b8284bb686654566cd000332e1086cd8de1646
SSDEEP: 24576:rTNgPBPbTkcHYx48hazs9yXQbVzEh621w2C0xpNBy:nqux43YMQZ+621RR3e
Score: 1/10

Target: Injector PB WIN 10&11/Injector PB/Loader Koala.exe
Size: 137KB
MD5: 97f20e50480a7381843301364c434424
SHA1: cabcdb1af88624150b86dd7de48e1c10d374dcf7
SHA256: 59931d9837af4b4f1b87603a2107a5cbe67de518a78153318ce6f794f053dfbd
SHA512: 08d1b3195d4300f55f0ae178184d95a37eaccc0069edb2f68a099c07de2202085322c6b91dce8bf825a93baa38a0d1f3ddabbdd14e0e17fffaa656f47aada00a
SSDEEP: 3072:I8b7ytNob7ytNob7ytNE//G5ZE//G5ZE//G5ZAf3a5ZAf3a5ZAf3a5ZE5t1O6TkS:IK5t15ldpESVq
Score: 7/10
Executes dropped EXE
Loads dropped DLL
Obfuscated with Agile.Net obfuscator: Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
Legitimate hosting services abused for malware hosting/C2
Drops file in System32 directory