General
-
Target
Request For Quotation Details_Ref.exe
-
Size
949KB
-
Sample
240325-pre97afe66
-
MD5
f744b39f06cad577364eff72186e0626
-
SHA1
a2e04a36a215a5a90838965126b5e0b8baa7cf88
-
SHA256
b67c5941b8a82c44ee8c876e53fc0435d8d5653491b6c61ef0ec5ee92bbfbed0
-
SHA512
7adc81defb1397a665f7511e04224b81b5a8cabbab5ede049ba20f8113998307f146ef2031f723a5dca5592f51794d935fcaddff3a33deb58743521749a69e8d
-
SSDEEP
24576:pbZCmf67FtuZFX3KJQghsUyj6/onNd5gWrotUF3y:R3f67FtuZB3oQyCG/otrfF3y
Static task
static1
Behavioral task
behavioral1
Sample
Request For Quotation Details_Ref.exe
Resource
win7-20240319-en
Behavioral task
behavioral2
Sample
Request For Quotation Details_Ref.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral3
Sample
fangelejre/Syrnes/Lnforbedringens/Hjertensgodes.ps1
Resource
win7-20240221-en
Behavioral task
behavioral4
Sample
fangelejre/Syrnes/Lnforbedringens/Hjertensgodes.ps1
Resource
win10v2004-20240226-en
Malware Config
Targets
-
Target
Request For Quotation Details_Ref.exe
-
Accesses Microsoft Outlook profiles
-
Legitimate hosting services abused for malware hosting/C2
-
Suspicious use of NtCreateThreadExHideFromDebugger
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-
Target
fangelejre/Syrnes/Lnforbedringens/Hjertensgodes.Nim
-
Size
59KB
-
MD5
41e3b6d1e5367b938531916ca78dfe24
-
SHA1
cbc36b0e630f0d739ac22e3f031e047f0e42c318
-
SHA256
f817a40978e642e98d2c41c967c651051414291fa729ff3618a8c12638cf566c
-
SHA512
3d16bb14f411c9008219036e749556dfc184b7801d61733891a56f4adf43397b1bb325340fdb500b9eecb9abd05f8483e447d795d7f09044d58202c778d5e2fa
-
SSDEEP
1536:z8LaJc+6OR8+SgyMR+6ZpRD4mhanfZMjfnaeLCYxl:gLcctORzSgzRvVD45ZUzLf
Score
8/10
-
Modifies Installed Components in the registry
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-