Resubmissions
Date | Sample | Score
12/04/2024, 14:24 | 240412-rq4mhabb49 | 10
12/04/2024, 14:23 | 240412-rqj8vseb6x | 10
12/04/2024, 14:23 | 240412-rqhp2abb46 | 8
12/04/2024, 14:23 | 240412-rqhd9seb6w | 8
12/04/2024, 14:23 | 240412-rqgsqseb6v | 8
09/04/2024, 07:30 | 240409-jb97qsch3w | 10
09/04/2024, 07:30 | 240409-jb2wcshe88 | 10
09/04/2024, 07:29 | 240409-jba3mscg9s | 10
09/04/2024, 07:28 | 240409-ja2h7she62 | 7
29/03/2024, 02:37 | 240329-c4jf6aga87 | 9
General
Target: bee5a8794014d11323dfb0276e541a0ee9567f61521a1a885ade5ca2d87f36d8.exe
Size: 1.9MB
Sample: 240329-c4jf6aga87
MD5: bab406ad3b0603a45625755ffbccce49
SHA1: 7ce0bd31c68c5b54854098acad195b7a8d804939
SHA256: bee5a8794014d11323dfb0276e541a0ee9567f61521a1a885ade5ca2d87f36d8
SHA512: a85ca2bc5ab42f8d32856a87c665b66df7d8e1c1ebbb143015d06fcc1bddba1faf684e2ee1d2a572f5ed04edf3a061837c293b5c1e3d2214864b90d8a68d25cc
SSDEEP: 49152:hgWDef4IXn7EvfNf+x83OeG5ztpAEq2pe2n9SCtQV:hvo49fk83ONztiEqz2nA
Static task: static1
Behavioral task: behavioral1
Sample: bee5a8794014d11323dfb0276e541a0ee9567f61521a1a885ade5ca2d87f36d8.exe
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: bee5a8794014d11323dfb0276e541a0ee9567f61521a1a885ade5ca2d87f36d8.exe
Resource: win10v2004-20240319-en
Malware Config
Targets
Target: bee5a8794014d11323dfb0276e541a0ee9567f61521a1a885ade5ca2d87f36d8.exe
Score: 9/10
UPX dump on OEP (original entry point)
Adds Run key to start application
Legitimate hosting services abused for malware hosting/C2
Suspicious use of SetThreadContext