General

  • Target

    90f090ba7301e7528c15a628fe14fd58076b96640cbeecc83aa0f10f368d384c

  • Size

    660KB

  • MD5

    56f09617eb80771c938183ab09ecb199

  • SHA1

    ca7fea977e1b47d519796581fbf6d8d4adcf0601

  • SHA256

    90f090ba7301e7528c15a628fe14fd58076b96640cbeecc83aa0f10f368d384c

  • SHA512

    f989ccbe9106cf9eb530bce02f6dfe5f53f97531873904ee3adca351e5fffae58977a8d9364df1d00a1250b562062417729df0d6be16c9854d73f61f7c295702

  • SSDEEP

    12288:Q/l9pJniXI9LTKuG4qI8Gcnv75PZoR7uPQF8shFlxaZfpZDbP/Vh:QnniXAL/u8cvdqR7u8DQZfptPth

Score
3/10

Malware Config

Signatures

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • 90f090ba7301e7528c15a628fe14fd58076b96640cbeecc83aa0f10f368d384c
    .zip

    Password: infected

  • eb0b731ab94af412b326ba86d043c128ce602337070895ec1b3d2bc4e0214091.exe
    .exe windows:4 windows x86 arch:x86

    61259b55b8912888e90f516ca08dc514



  • $TEMP/Alot
  • $TEMP/Bathrooms
  • $TEMP/Book
  • $TEMP/Compound
    .exe windows:5 windows x86 arch:x86



  • $TEMP/Conservation
  • $TEMP/Emotions
  • $TEMP/Injection
  • $TEMP/Participants
  • $TEMP/Richmond
  • $TEMP/Website
    .ps1
  • $TEMP/Worm