General
-
Target
20230970 - SF PARQUET SERVICE 25.04.2024.7z
-
Size
413KB
-
Sample
240425-pgldfsae8x
-
MD5
e75236cf63c526744d10cc129df9cf67
-
SHA1
e31f3ed282cfcb97bd09e93d0ef897a94b731b41
-
SHA256
26a32b71ef0e9ab0e40eea7e0e7994767588a87ec1398eab32aa28dd84ae6e90
-
SHA512
360e8aca7d1d7c2145e94d0587ed5643aaceeab51402a93e61b1417bb3d32d44cc7f945e55e271be4d169c326e35597f87773c33f57f44fe20fcecd9572ffb41
-
SSDEEP
6144:Y4rcpq7JlEn1vFHKzRejAht9m2rWbtNmi2Y+Kq4m3+twy:zOAJlEBFHUdhydbmik4mOtwy
Static task
static1
Behavioral task
behavioral1
Sample
20230970 - SF PARQUET SERVICE 25.04.2024.zip
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
20230970 - SF PARQUET SERVICE 25.04.2024.zip
Resource
win10v2004-20240226-en
Behavioral task
behavioral3
Sample
20230970 - SF PARQUET SERVICE 25.04.2024.exe
Resource
win7-20240221-en
Behavioral task
behavioral4
Sample
20230970 - SF PARQUET SERVICE 25.04.2024.exe
Resource
win10v2004-20240412-en
Behavioral task
behavioral5
Sample
Begavelsens/befolkningstallets.tnd
Resource
win7-20240221-en
Behavioral task
behavioral6
Sample
Begavelsens/befolkningstallets.tnd
Resource
win10v2004-20240412-en
Behavioral task
behavioral7
Sample
Begavelsens/lerret.txt
Resource
win7-20240221-en
Behavioral task
behavioral8
Sample
Begavelsens/lerret.txt
Resource
win10v2004-20240226-en
Behavioral task
behavioral9
Sample
Begavelsens/underholdshjlp.sca
Resource
win7-20240221-en
Behavioral task
behavioral10
Sample
Begavelsens/underholdshjlp.sca
Resource
win10v2004-20240412-en
Behavioral task
behavioral11
Sample
Tubulidentate/Overbakes.ps1
Resource
win7-20240220-en
Behavioral task
behavioral12
Sample
Tubulidentate/Overbakes.ps1
Resource
win10v2004-20240412-en
Behavioral task
behavioral13
Sample
Tubulidentate/Paaviselige.hom
Resource
win7-20240221-en
Behavioral task
behavioral14
Sample
Tubulidentate/Paaviselige.hom
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
20230970 - SF PARQUET SERVICE 25.04.2024.7z
-
Size
413KB
-
MD5
e75236cf63c526744d10cc129df9cf67
-
SHA1
e31f3ed282cfcb97bd09e93d0ef897a94b731b41
-
SHA256
26a32b71ef0e9ab0e40eea7e0e7994767588a87ec1398eab32aa28dd84ae6e90
-
SHA512
360e8aca7d1d7c2145e94d0587ed5643aaceeab51402a93e61b1417bb3d32d44cc7f945e55e271be4d169c326e35597f87773c33f57f44fe20fcecd9572ffb41
-
SSDEEP
6144:Y4rcpq7JlEn1vFHKzRejAht9m2rWbtNmi2Y+Kq4m3+twy:zOAJlEBFHUdhydbmik4mOtwy
Score 1/10
-
-
Target
20230970 - SF PARQUET SERVICE 25.04.2024.exe
-
Size
543KB
-
MD5
71596eff0cd3188f1b5fa6ed4c4d3a8f
-
SHA1
a606e3570367872ef2932c91c1f646e077fd88d2
-
SHA256
8c198e0fd958f00a38efa3cc347de8ebd7e464b63eec417988032c80832d9014
-
SHA512
d36faf5a01334ee1f1e52064f9c269b059efe3badb4d110a3fb8baadf6d797c91308b05121fe5b65fcb38d7ce630844825efc54c44b50cb70e10d9b8381de9a0
-
SSDEEP
6144:LDpoek7OrisQ88lEf74pvF5KPReXAhz9m2nWbt1mi0Y+Kqam3+tvW:47YvElF5+DhYnXmiGamOtvW
Score 10/10
Adds Run key to start application
-
Suspicious use of NtCreateThreadExHideFromDebugger
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-
-
-
Target
Begavelsens/befolkningstallets.tnd
-
Size
2KB
-
MD5
c2d8cab2df0c5184a51cad4f321a64cc
-
SHA1
2068ec7cbee9bb22651b84cdfdb5258b62ea95ee
-
SHA256
21dfa4eabff3ca8cf50f2ad48ab42eb1616b76dcbcdae86705a4ffc204a36258
-
SHA512
0d521df41c6c415faa84244f153cfd653574356f21ae55a9cdbc24b7a8825454a661483a1405bb3ae71f067c7bfe7d1a4e729afc23a5346c36a524329a28d37b
Score 3/10
-
-
Target
Begavelsens/lerret.txt
-
Size
409B
-
MD5
16234c20d3324265bb707c0da0a316f8
-
SHA1
994abb6985951ce456af1468c3a74bbe53d2348a
-
SHA256
75f66c61f6ae6c8e75466d750d71db4385abbbe93c9c5677d9df74b5f741f99c
-
SHA512
b50103f5820889fb40a397a727ae64fbb91a1d02c6ca341b00fae3ef11fcc02c858f24caf18b35991d4197789d3edd3c068842a0e3d2f9b1293e35e8fd5ad733
Score 1/10
-
-
Target
Begavelsens/underholdshjlp.sca
-
Size
2KB
-
MD5
90a8f9376b587851ce0cf60bd203101f
-
SHA1
5833830004e7017da574a4f3c69d27874c28f400
-
SHA256
770970bf93905583e7305f1e80755c0582d0b01009bcbb8cea0fa6bd28e9d645
-
SHA512
98fa1dae524d113e1736ad371ac7c8ff3fdcd959b4612b714a57bd36f180c42430cd199d1b98a48529b322ced110a68c7f80e18252d2a1cb4bab08af58ebe5d1
Score 3/10
-
-
Target
Tubulidentate/Overbakes.Tid
-
Size
57KB
-
MD5
fc5bf28700c2750eab9f1a5821380fb9
-
SHA1
e211c07ce35ed9f19c4519177909975b72d94b8c
-
SHA256
d0fa547b89ded83f6cfe6469b984c67297f6c5f835fef93c00afd3a88cc68b7e
-
SHA512
7c2db5396b8625d8b533d71fc892fcc481d7c404f3debbb4c5bb586ddf2a43f72775a522d39bd920891760edb0151bc138e69ca605c0b167f91f0085899e4eaa
-
SSDEEP
1536:aQ2zGynRmv41WpwQPPjY4gqgAxJltCzjBRQ83YoUR8JTqMgXm:anz/9YQqDjvXR8JTqDm
Score 8/10
Modifies Installed Components in the registry
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
-
-
Target
Tubulidentate/Paaviselige.Hom
-
Size
322KB
-
MD5
bbfaf03d5a947e5c15937d214e547185
-
SHA1
e9fcd70509d1c3e06ccd862b5b41bd754acdd495
-
SHA256
dce96a292759becf49f06a0fbeb7181d2f648396ebf0ad246896de2117bb1023
-
SHA512
b73bdd0f85a3bf59b6b223613042d3ec38e771289153d57e19181a6254438a79830c518419e82b17dc3cf236568a4fd799beda7e0cc82fc9f2e7f57af1eedf3e
-
SSDEEP
6144:ym9lRwTSCQ1NRajsvjCtzMcdIlfYpIV/0wdtRcdnB7iCX8+1YSq:yWlRwh0NRzeIcdwfWIV/XG8A8AYn
Score 3/10