General
-
Target
PURCHASE_ORDER_SHEET_&_SPECIFICATIONS_DOC_10.7z
-
Size
427KB
-
Sample
240426-j7rehace93
-
MD5
43e367cdfea21bc79aa8630e23027df6
-
SHA1
a078cd616b822b5f1feddd4190294344f55516b9
-
SHA256
0eaa6dd0dbecdcb8877516e71a86427d219665332b94f7fc86ff047d5ef62003
-
SHA512
ebc083064f3cd7149f3d34a22bcd2ac9199b7a24a0bb30eff2ce31bc0e127aa8fafd982ab76eed180ab5911effe76cc8cfe2d605ab63604b8c7e70d48296ea6b
-
SSDEEP
12288:u3C4SnWhGLVaSC3Moi6pBgi0r5ddRAUIPS:MCQG8Sr8eiiRbIPS
Static task
static1
Behavioral task
behavioral1
Sample
PURCHASE_ORDER_SHEET_&_SPECIFICATIONS_DOC.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
PURCHASE_ORDER_SHEET_&_SPECIFICATIONS_DOC.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240221-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240412-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/nsExec.dll
Resource
win7-20231129-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/nsExec.dll
Resource
win10v2004-20240412-en
Malware Config
Targets
-
Target
PURCHASE_ORDER_SHEET_&_SPECIFICATIONS_DOC.exe
-
Size
753KB
-
MD5
dbe4440d32dc0b20dee76c192587ab33
-
SHA1
d5c94559655c5fc5bc552fce62aad8673731a3bb
-
SHA256
8059dc704b71f1a978547729e4afdf62f0c834950758ca8bb6a25fa6fca0b03d
-
SHA512
13eea3b51fce84b90b363de9b05f6e08fa0c082b67f0be91146f241ab49f7d421fec5d81b5507c6df396bdba21e71b6cef176f8a70a0d972c11cf2ad7d768efa
-
SSDEEP
6144:9zZzl4awJ9Gal0ZcMGDTBRA5bASrGs/1iLJ0ca8EptqioUCaSniaVgkpmcqaw/c0:DaalkPhH8V/kLBa8CwioQAxjw/ar4vd
Score 10/10
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of NtCreateThreadExHideFromDebugger
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-
Target
$PLUGINSDIR/System.dll
-
Size
11KB
-
MD5
6ad39193ed20078aa1b23c33a1e48859
-
SHA1
95e70e4f47aa1689cc08afbdaef3ec323b5342fa
-
SHA256
b9631423a50c666faf2cc6901c5a8d6eb2fecd306fdd2524256b7e2e37b251c2
-
SHA512
78c89bb8c86f3b68e5314467eca4e8e922d143335081fa66b01d756303e1aec68ed01f4be7098dbe06a789ca32a0f31102f5ba408bc5ab28e61251611bb4f62b
-
SSDEEP
96:qIsUxO9udx4qYp7AJb76BykUbQMtHUOA5Iv+RnsrqeXV+d1g2IW9t2c+cEwF9Fug:ZVL7ikJb76BQUoUm+RnyXVYO2RvHFug
Score 3/10
-
Target
$PLUGINSDIR/nsExec.dll
-
Size
6KB
-
MD5
052a077ee8b519aadbcf29e6b5e710a4
-
SHA1
b3ab29d0ebdbdca63e4dffd2fd2e6b9188ffae4b
-
SHA256
9a1a5c6f598247bfa52624cd793b9ef4fb85863cc9dfd69eb7ef671cacc906c9
-
SHA512
cb11cba331b85122dcc2d57171ce20382af0a9fdf0a85a30155404d975901a313c9285eb9445e51979c6ec8416ccdf97fdeaf1bd2203c9395ad046a385a90009
-
SSDEEP
96:Q7GUaYNwCLuGFctpiKFlYJ8hH4RVHpwdEeY3kRlDr6dMqqyVgNF38:aygp3FcHi0xhYMR8dMqJVgN
Score 3/10