General
Target: 4abdae9b05fb343406136ff0cf863e8f403dc294578f111a746b125d59c5c91b.exe
Size: 953KB
Sample: 240322-c2bzashe6x
MD5: 971bdb03f3caf8bb34464d3629c6fd5a
SHA1: 2c28ace22924960730814e5a787ffcadde187278
SHA256: 4abdae9b05fb343406136ff0cf863e8f403dc294578f111a746b125d59c5c91b
SHA512: 6e160db5481a91b18bfee7ecdd7a1a18150072f5c518b351c6ffa36f2b176ee46318e61c42b58e00278dc926446e5b040aa85e42ab610faf9bd8822d7bc4bcd2
SSDEEP: 24576:lbZCmf67FtuZFX3KJQgI/tpWrZAOWaTUF3w:N3f67FtuZB3oQNpWDWawF3w
Static task: static1
Behavioral task: behavioral1
  Sample: 4abdae9b05fb343406136ff0cf863e8f403dc294578f111a746b125d59c5c91b.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 4abdae9b05fb343406136ff0cf863e8f403dc294578f111a746b125d59c5c91b.exe
  Resource: win10v2004-20240226-en
Behavioral task: behavioral3
  Sample: Fdrelandskrligehed/Tenuto/Sauria/Handelsbalancerne122.ps1
  Resource: win7-20240221-en
Behavioral task: behavioral4
  Sample: Fdrelandskrligehed/Tenuto/Sauria/Handelsbalancerne122.ps1
  Resource: win10v2004-20240226-en
Malware Config
Targets
Target: 4abdae9b05fb343406136ff0cf863e8f403dc294578f111a746b125d59c5c91b.exe
Size: 953KB
MD5: 971bdb03f3caf8bb34464d3629c6fd5a
SHA1: 2c28ace22924960730814e5a787ffcadde187278
SHA256: 4abdae9b05fb343406136ff0cf863e8f403dc294578f111a746b125d59c5c91b
SHA512: 6e160db5481a91b18bfee7ecdd7a1a18150072f5c518b351c6ffa36f2b176ee46318e61c42b58e00278dc926446e5b040aa85e42ab610faf9bd8822d7bc4bcd2
SSDEEP: 24576:lbZCmf67FtuZFX3KJQgI/tpWrZAOWaTUF3w:N3f67FtuZB3oQNpWDWawF3w
Signatures:
- Accesses Microsoft Outlook profiles
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtCreateThreadExHideFromDebugger
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext

Target: Fdrelandskrligehed/Tenuto/Sauria/Handelsbalancerne122.San
Size: 57KB
MD5: 0c865acf7c347c6dd359f98c8251a9bc
SHA1: dc6ad24450f7a966e5c090abce2ec06f23cef9ae
SHA256: 00f3155ff5edff6c7b7286095854eae05446345e358018fee4c5fb141a458d7e
SHA512: a7ead01800f440b0d4e8f07040818ed72ff1c768cb44ffc1823230b5bee96238b25373a652be4509c88cb371772da1061f5b14b3fa5a7e1e7833dc07d56f1aaa
SSDEEP: 1536:zSoQQtIqgBuwNgZdhr1l4jOLjMr0q7hB5V6jNpCDWS6BuqVkzW:eoKBuwN+3COLwr0q7f5iNY6XiS
Score: 8/10
Signatures:
- Modifies Installed Components in the registry
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.