General
-
Target
SWIFTCOPYMT1030000000_pdf.exe
-
Size
411KB
-
Sample
240426-npzqdaff25
-
MD5
1048340bcfae30df032c161ac52f8f0e
-
SHA1
8a3370d01a170626ef43202f5fe54e27372abec4
-
SHA256
47a75ba2cc69f372c816fb61d079ebe6e3a81eeeb16e72726725b088a59f4e94
-
SHA512
446b5293fe99200305cde7b4eaf17613b6c211ac46ce5ef38d383546c727de348f6f4733051674ce309a1ed401941985120b0f80f449239d3375f91a2de2704c
-
SSDEEP
6144:TzZzycMVGAnF3KMrbYTE6ZudWKJJGGCaSninelmgkpmcqaw/cXraHvfMV:5V9QF3ihgxtdel+jw/ar4vm
Static task
static1
Behavioral task
behavioral1
Sample
SWIFTCOPYMT1030000000_pdf.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
SWIFTCOPYMT1030000000_pdf.exe
Resource
win10-20240404-en
Behavioral task
behavioral3
Sample
SWIFTCOPYMT1030000000_pdf.exe
Resource
win10v2004-20240419-en
Behavioral task
behavioral4
Sample
SWIFTCOPYMT1030000000_pdf.exe
Resource
win11-20240419-en
Malware Config
Targets
Score
10/10
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of NtCreateThreadExHideFromDebugger
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-