General
-
Target
Späti.exe
-
Size
36.9MB
-
Sample
240419-nzxc1abg5x
-
MD5
4f036b9423890d0b407466981b906269
-
SHA1
fe6706d6de8d6bb0ed6d9b12bf0be5296f485635
-
SHA256
3c2bc4bc7f290b6834833fa4d770927ae164a5a535ec6cd175ab1e1bb8997224
-
SHA512
2dc34179dd1901c7677dc7ee568274d5c23512a5d4ed40ee906335efb200a0f0b28fcba1361ad1d5e878e0641a6f44d5b6f4b48ce3338addee0a85eaa6c6bd09
-
SSDEEP
786432:YQZeCRQwKXohj7b0o+GU52j6+s7LWB75zu2OorN7W8QOd92OY:YEPQTXQ/bv+t52qHWB75ierN7Wf
Behavioral task
behavioral1
Sample
Späti.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
Späti.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
Score 7/10
-
Loads dropped DLL
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Sets desktop wallpaper using registry
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-