General

  • Target

    16052024_0924_ITB-NO-4422-HGD-PJT-PKG2-MR-515-Rev01.rar

  • Size

    526KB

  • MD5

    5c3e753dc2a99feaaa74661b754af428

  • SHA1

    bf9a22b07ef30aa810d4a17239a85e51f13ea9c5

  • SHA256

    3848f55719c909adc74645f1ed42bff6779fd21f0e4bdc41b49768ba08762ffc

  • SHA512

    1999e351834d0854a89c999840ff327a078633a6b9f349071c6aa8dacb4b267ec12206ef807a937091d1b3ebcf85103f5466d4e30e9cc43d7c4abce1263262ce

  • SSDEEP

    12288:bK6nH0+0Q409lLiKLCdk1HxiSROOR/VV60vP6dvt+9wF/QqbvMKub:b9nwQ4qhXRNRT7vPIW0vMd

Score
3/10

Malware Config

Signatures

  • Unsigned PE 4 IoCs

    Checks for missing Authenticode signature.

Files

  • 16052024_0924_ITB-NO-4422-HGD-PJT-PKG2-MR-515-Rev01.rar
    .rar

    Password: infected

  • 4422-HG-Enquiry-cover-letter_ADNOC.exe
    .exe windows:4 windows x86 arch:x86

    Password: infected

    e2a592076b17ef8bfb48b7e03965a3fc



  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    Password: infected

    fc0224e99e736751432961db63a41b76



  • Amebicidal.Coe
  • Dispapalize.ker
  • Skyggekabinet.txt
  • intrapetiolar.boo
  • syrnende.bok
  • ITB-4422-HG-MR-PKG2-REQMT-SPEC-Rev0.exe
    .exe windows:4 windows x86 arch:x86

    Password: infected

    e2a592076b17ef8bfb48b7e03965a3fc



  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    Password: infected

    fc0224e99e736751432961db63a41b76



  • Dispapalize.ker
  • Hitchhiking/syrnende.bok
  • Nyskabe/Skyggekabinet.txt
  • Prostatitic.Aff
  • Taagebankernes/intrapetiolar.boo