General
-
Target
DialSyncXRBGGYWinTechStudios-v2.zip
-
Size
7.7MB
-
Sample
240405-msvedsac87
-
MD5
ab7963fa08b6cec3cb4cb0576f5aa7ee
-
SHA1
bd582dc032e52b7f3f93eb55d11ead2a32dcc5a4
-
SHA256
bd14817859a08b9373be44b21fa66171be93eef58efbb7563c624ee0bad24c7e
-
SHA512
193eaa958f6cc7e1978c8cf9dcf4b1e021bc6174cbe98da553c04eb9cc649913819c18e5f89508c8c891ffb6d05b9893f6e4cdf32d687837048a0db3cf5033c6
-
SSDEEP
196608:30IvQ9mQnD0zNm+rk3Nx8tmzYCx9WHGvCShDTTED:30I49vnyNNrk3LECxR/ED
Static task
static1
Behavioral task
behavioral1
Sample
DialSyncXRBGGYWinTechStudios.exe
Resource
win10-20240319-es
Malware Config
Targets
-
-
Target
DialSyncXRBGGYWinTechStudios.exe
-
Size
278.2MB
-
MD5
415ad5f963af1c8ea5092c381208528f
-
SHA1
8afe6ad30c1bf1cf7871447e0d0261db620d2edc
-
SHA256
3335576d8a7f6745f217b7356c813dbff026f3f3c811559413e1114c4c0926c7
-
SHA512
f85e6c51295383d65af83e510f52b6c6e9ef69e0fd5b728a1c879de4fa3b0549b327ad0f0258b0f70893e1bf3ef1b3fa0ba1a7bfbc4936a7a7dca418e8383a4f
-
SSDEEP
393216:vg5kx5T3leiE3p/EAW68XzSyUErVDYoNguVW6N/bm6Rxi:JsoBNguri
Score
10/10
-
Detected bankofmontreal phishing page
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-