General

  • Target

    POTWIERDZENIE_TRANSAKCJI_20240418145856.exe

  • Size

    1.2MB

  • MD5

    c158865f5b408afda4774cfa56600795

  • SHA1

    e9ef032f011a0db8c2ed5d0573800b8abc06fc32

  • SHA256

    ea310af953089060b7bc1d94409996ec463a7bf0c6bb874ae984365b6f536c49

  • SHA512

    f64f20526e5fb6346774e8edaf9578d55aa9f0d579daeb4bce62bc78981a150ad767764576a89a98366a38a9c1bf879a49ed57773e7383fdf677f1ed8b5a4d1e

  • SSDEEP

    24576:fnSOQYR6LyVdgf1A9oi6QW8GpYIuEMnxP4jptmKulwhosdgrJhmfnf+kMLbp:/VRnt9oiNAYIdM94jptJbnE+fwp

Score
3/10

Malware Config

Signatures

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • POTWIERDZENIE_TRANSAKCJI_20240418145856.exe
    .exe windows:4 windows x86 arch:x86

    e2a592076b17ef8bfb48b7e03965a3fc



  • $PLUGINSDIR/nsExec.dll
    .dll windows:4 windows x86 arch:x86

    0b75f1007d3cc8e457970ae3e3fd53c3



  • Archdruid.Cha
  • Bahrainerens/trampdampers.dep
  • Gondor102/Cyklisternes/Sarcolemmal141/chally.dol
  • Gondor102/Cyklisternes/Sarcolemmal141/indsttelse.sag
  • Gondor102/Cyklisternes/Sarcolemmal141/innocuously.trk
  • Gondor102/Cyklisternes/Sarcolemmal141/rebatement.has
  • Gondor102/Cyklisternes/Sarcolemmal141/sandaler.txt
  • Subdomains11/Assizing.cel
  • Subdomains11/Deklameringens193.mon
  • Swingletail.Afs