General

  • Target

    22052024_0202_21052024_Transferencia.tar

  • Size

    433KB

  • MD5

    3941787c40da49db999bb9c69a42d005

  • SHA1

    14f069705448e9007d2d8e89f0817a4e58bd2f4f

  • SHA256

    b25e337418210160d56418d18c32c2a44fc70254bc0b295b5c54f5dd5549c95d

  • SHA512

    c0e7299f699a868aa1d087d6546791753194bd9251589566bab732948a3e14f5218fd9fc234ea43619791803522a938ed2328ce2a0b08b3461ea77f2922d30c1

  • SSDEEP

    12288:J0pZnHL9jAT8mU07ijSq/X7/8omMZ8LliOPZ:J0pZnrhVG7imq/TdmMZ8D

Score
3/10

Malware Config

Signatures

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 3 IoCs

Files

  • 22052024_0202_21052024_Transferencia.tar
    .tar

    Password: infected

  • Transferencia.exe
    .exe windows:4 windows x86 arch:x86

    Password: infected

    671f2a1f8aee14d336bab98fea93d734


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    Password: infected

    240ca92ecc1c291801c451c447e16c12


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsExec.dll
    .dll windows:4 windows x86 arch:x86

    Password: infected

    9076fa7961baeaeda0746cb0928f486a


    Headers

    Imports

    Exports

    Sections

  • Dweeble.lyn
  • Quondam.kir
  • Regnesystems.Kib
  • Sgeresultat.Tra
  • bjergnder.sor
  • familiefdre.mos
  • interhybridizes.ind
  • jurisdiktion.sar
  • slbemaalets.tza
  • spermatozoers.txt