General
Target: 82e2098806079d64fa92d88e07bc40f142eb5686f1aa7987ae3efb54a9e3d032
Size: 1.2MB
Sample: 240326-cetwlaed9w
MD5: 11c340a97a5eeada6d83aac48e355e09
SHA1: c5fc1d99892b06eb83cf276ee99cf8bbd517513f
SHA256: 82e2098806079d64fa92d88e07bc40f142eb5686f1aa7987ae3efb54a9e3d032
SHA512: 08a0a4e999c4eeff1544b517c84d6c0dca5c75d92a3f8db89aef6c1b6e3220c5c57bcff4c4e4ed33f3ae21e6dc8ac9badfd363e207319c48d7cf7807b13aa04e
SSDEEP: 12288:VLTA8PHO5mU0It6Y2s+eRqlCdY73bAlaVYwCTEEnhKbWYI3:tTA8PO5mU16yJslCdYDbKaVkTEk0
Static task
static1

Behavioral tasks
behavioral1: sample Invoice.exe, resource win7-20240221-en
behavioral2: sample Invoice.exe, resource win10v2004-20240226-en
behavioral3: sample dandyish/Postconnubial/Overstaleness/Skiliftenes11/rideelastiks.ps1, resource win7-20240221-en
behavioral4: sample dandyish/Postconnubial/Overstaleness/Skiliftenes11/rideelastiks.ps1, resource win10v2004-20231215-en
Malware Config
Targets
Target: Invoice.exe
Size: 675KB
MD5: 0e0f4a22528d2ba8bf8ea0b840df9041
SHA1: d3ce45da85ae04d2de9155ad1b17677338969bfb
SHA256: 33a1e499b83cc0aee95964993b66682306515ca529f07a7d07f53e070408cadf
SHA512: 512f25c5e8d26a7a4419c3c7b77f16803ac6a3141d965a3872cce91e1a7be974c11822c15576ab2b0f2d865b50d3b47afcb3bf9f0d7cef1a93a4ce59db3a9ebe
SSDEEP: 12288:FLTA8PHO5mU0It6Y2s+eRqlCdY73bAlaVYwCTEEnhKbWYI3S:9TA8PO5mU16yJslCdYDbKaVkTEk0P
Score: 10/10
Signatures:
- Suspicious use of NtSetInformationThreadHideFromDebugger (calling NtSetInformationThread with the ThreadHideFromDebugger information class hides the calling thread from an attached debugger; a common anti-debugging technique)
- Suspicious use of SetThreadContext (rewriting another thread's register context is a typical step in process hollowing and other code-injection techniques)
Target: dandyish/Postconnubial/Overstaleness/Skiliftenes11/rideelastiks.Med
(behavioral3 and behavioral4 run this path with a .ps1 extension)
Size: 59KB
MD5: 5d1f60c7bafca993ac1b4288be62fb25
SHA1: d1c32a45c20735464a78e714ae4c426bbc9ff09d
SHA256: b24d56bc1d17d715843f4cfae6ebc1d5ad51420a26f060e55f95ca7e22a3d233
SHA512: 71c3e2d8e0e24c1a4614f31e1f2b4500270d0d1aec0e26f2aa7a759a75e9973055466204ef6c510e068ce2e68da05a7a90fc693f3510665c0785508d5856498c
SSDEEP: 1536:B+rtNTGcMwOjHiKMLLM3HGoGT75YgLLjBxqX8THOKhEX:Q56wOjHiHUWP9PjBgX8T3he
Score: 8/10
Signatures:
- Modifies Installed Components in the registry
- Enumerates connected drives: attempts to read the root path of hard drives other than the default C: drive.
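The hashes and the dropped-file path above are the indicators a responder would actually carry away from this report. The script below is an added example (not part of the sandbox output and not code from the sample): it embeds the MD5/SHA1/SHA256 values and the directory path listed on this page, streams each file under a directory through all three hash functions in one pass, and reports which report target a file matches. It assumes only that you point it at a directory tree to check; the sample content in the comments is constructed for illustration.

```python
"""Match files on disk against the IOCs listed in the sandbox report above.

Added example; the digests and the path below are copied from the report,
everything else is this script's own code.
"""
import hashlib
import os
import posixpath
from typing import Dict, Iterator, Optional, Tuple

# (lowercase hex digest) -> (algorithm, report target), copied from the report.
REPORT_IOCS: Dict[str, Tuple[str, str]] = {
    # submitted sample (General section)
    "11c340a97a5eeada6d83aac48e355e09": ("md5", "submitted sample"),
    "c5fc1d99892b06eb83cf276ee99cf8bbd517513f": ("sha1", "submitted sample"),
    "82e2098806079d64fa92d88e07bc40f142eb5686f1aa7987ae3efb54a9e3d032": ("sha256", "submitted sample"),
    # Invoice.exe
    "0e0f4a22528d2ba8bf8ea0b840df9041": ("md5", "Invoice.exe"),
    "d3ce45da85ae04d2de9155ad1b17677338969bfb": ("sha1", "Invoice.exe"),
    "33a1e499b83cc0aee95964993b66682306515ca529f07a7d07f53e070408cadf": ("sha256", "Invoice.exe"),
    # rideelastiks.Med
    "5d1f60c7bafca993ac1b4288be62fb25": ("md5", "rideelastiks.Med"),
    "d1c32a45c20735464a78e714ae4c426bbc9ff09d": ("sha1", "rideelastiks.Med"),
    "b24d56bc1d17d715843f4cfae6ebc1d5ad51420a26f060e55f95ca7e22a3d233": ("sha256", "rideelastiks.Med"),
}

# Directory chain the dropped script lived in, as listed in the report.
REPORT_PATH_IOC = "dandyish/Postconnubial/Overstaleness/Skiliftenes11"


def digests(path: str) -> Dict[str, str]:
    """Compute md5, sha1 and sha256 of a file in a single streamed pass."""
    hashers = {name: hashlib.new(name) for name in ("md5", "sha1", "sha256")}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def match_digests(d: Dict[str, str]) -> Optional[Tuple[str, str]]:
    """Return (algorithm, report target) for the strongest matching digest, else None.

    SHA256 is checked first so a match on it wins over MD5/SHA1; each digest is
    only accepted for the algorithm it was published under, so an MD5 value that
    happens to equal a truncated SHA1 would not be treated as a hit.
    """
    for algo in ("sha256", "sha1", "md5"):
        hit = REPORT_IOCS.get(d.get(algo, "").lower())
        if hit is not None and hit[0] == algo:
            return hit
    return None


def path_matches(path: str) -> bool:
    """True if the path contains the report's dropped-file directory chain.

    Separators are normalised so Windows-style paths ("...\\Skiliftenes11\\x.ps1")
    match as well as POSIX ones.
    """
    normalised = posixpath.normpath(path.replace("\\", "/")).lower()
    return REPORT_PATH_IOC.lower() in normalised


def scan_tree(root: str) -> Iterator[Tuple[str, str, str]]:
    """Yield (path, reason, report target) for every file matching a hash or path IOC."""
    for dirpath, _, filenames in os.walk(root):
        for name in filenames:
            path = os.path.join(dirpath, name)
            if path_matches(path):
                yield path, "path", "rideelastiks.Med/.ps1 directory chain"
            try:
                hit = match_digests(digests(path))
            except OSError:
                continue  # unreadable or vanished file: skip it, do not abort the scan
            if hit is not None:
                yield path, hit[0], hit[1]


if __name__ == "__main__":
    import sys
    for found_path, reason, target in scan_tree(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(f"{found_path}: {reason} matches report target {target}")
```

Run it as `python ioc_scan.py /path/to/quarantine`. Hash matches are exact, so a repacked or re-signed build of Invoice.exe will not be caught by this script; the SSDEEP values in the report are what you would use for near-match hunting, which needs the separate ssdeep library and is not covered here.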