General
Target
bd59e50bd956f6ef82d05a2a9f945543cc3c4868a6916f772b6f53d51f804903
Size
633KB
Sample
240417-qx8pcsbe8w
MD5
888c83112b4dc68093750af92cfbcbb8
SHA1
2d7c2e2a2c9afe04ce6ebb1b412e25d843b8126c
SHA256
bd59e50bd956f6ef82d05a2a9f945543cc3c4868a6916f772b6f53d51f804903
SHA512
7b7e408229514f0d3219c9115fe7363f2f8ea0b06983e49be24568da76bfafb68fbbb46f7347149b960a2935e178779dbfba67df9f1d2ffed6ec7c7d41e970c5
SSDEEP
12288:Y9pWbuak/CDIGPuOqGxQaR6beoco1Zl+QzAOzmc8gOCXXDyu:O4Sz/kJuOqGxql+QzJ8g7XDyu
Static task
static1
Behavioral task
behavioral1
Sample
4ceded881995aa09ac269002c4312560ac38576aa82d95dc85d28a1a2b76bbef.exe
Resource
win7-20231129-en
Malware Config
Extracted
netdooka
Targets
Target
4ceded881995aa09ac269002c4312560ac38576aa82d95dc85d28a1a2b76bbef.exe
Size
660KB
MD5
54a315b26c66694821fb2091ef865f7f
SHA1
9f79ec5e7845bd33a58124fd3d10637a20630bb5
SHA256
4ceded881995aa09ac269002c4312560ac38576aa82d95dc85d28a1a2b76bbef
SHA512
625e851ddedd83103d1b27c25bdb8428e8aab9321436d48668112dd887f9ede5655b4f5b13d69e656bae522951c50cedd53426de725788ba5697089e81156814
SSDEEP
12288:nBxT3SKVIC9HdFEtttJl3Mob+60MCV94D0cIegdu1oeK/lGRgOUqmq9kR6lhKXhh:BxT3ZVB9HdFQPl3M06MCV9k0DegduieE
Score
10/10
Creates new service(s)
Stops running service(s)
Checks for any installed AV software in registry
Suspicious use of SetThreadContext