General
Target: sample.exe
Size: 372KB
Sample: 240429-tqpvfseh57
MD5: da2f362c315e776de40b0805c5d3571b
SHA1: bc6e0d5ed9e74470bdfe2d854c3a798c2e45b074
SHA256: 45cc8cde27d45cadec7dfec83f44215b807531439a0b2530f965fa5d4acda1b6
SHA512: e53917235541dcbc9064c913cef731e101dd15593c7276febb122a3549214c30180485394e0e1867d58e41326c7fc3efd04543a85e55443c44e12838b08d006c
SSDEEP: 6144:HT4DtVpZI3UkwlUEkFvjV5Uioj7RODGIe2gngkOt/NONJp98AGECTcz8mFsgeJ:HTghmEkFx5Uf4wOt/NA8JE2bJ
Static task: static1

Behavioral task: behavioral1
Sample: sample.exe
Resource: win11-20240426-en

Behavioral task: behavioral2
Sample: Filmrullerne/Tendance/Unredacted.ps1
Resource: win11-20240426-en
Malware Config
Targets

Target: sample.exe
Size: 372KB
MD5: da2f362c315e776de40b0805c5d3571b
SHA1: bc6e0d5ed9e74470bdfe2d854c3a798c2e45b074
SHA256: 45cc8cde27d45cadec7dfec83f44215b807531439a0b2530f965fa5d4acda1b6
SHA512: e53917235541dcbc9064c913cef731e101dd15593c7276febb122a3549214c30180485394e0e1867d58e41326c7fc3efd04543a85e55443c44e12838b08d006c
SSDEEP: 6144:HT4DtVpZI3UkwlUEkFvjV5Uioj7RODGIe2gngkOt/NONJp98AGECTcz8mFsgeJ:HTghmEkFx5Uf4wOt/NA8JE2bJ
Score: 10/10
NirSoft MailPassView: Password recovery tool for various email clients
NirSoft WebBrowserPassView: Password recovery tool for various web browsers
Nirsoft
Accesses Microsoft Outlook accounts
Adds Run key to start application
Suspicious use of NtCreateThreadExHideFromDebugger
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext

Target: Filmrullerne/Tendance/Unredacted.Sai
Size: 56KB
MD5: b1d727d282df9997c8bbd3d296352191
SHA1: 143e2878ec786de7b8ac80958ac8509c9c26746e
SHA256: 28c901a827e59109f467be705332d753c0fabb390ced9c2a69c48110c69d18a5
SHA512: 0d9e30f588ac8c7f3b02a8e2a32ef8159255f89baf88bc05d4db89c3986492d0ba00e07e3da09a5bb64e58971c40260bb3c09712dfcb03e1c69a9554ecf4a80c
SSDEEP: 1536:TrVbCEwTZDc1LBlJ5PYy6CZk9F9RDdRslZLhjqHjVRR:kEwTtULBrB5k7vjYLh0VRR
Score: 8/10
Modifies Installed Components in the registry
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.