General
Target: 6b3990554ae53193bdcbf0aebd974d2f75089e1f3e573da9bcca4aaee5791202.exe
Size: 697KB
Sample: 240523-b1gygsgh21
MD5: 209b834c18954bc1eafb1df0b93223d9
SHA1: d36f7d46e3c06134534f08e67b38d13b97077065
SHA256: 6b3990554ae53193bdcbf0aebd974d2f75089e1f3e573da9bcca4aaee5791202
SHA512: 3a6341d74a2b56ca9e5cfc5433b0940f4a1907aee34a33666ba66c7f6c200bb6f399db545cec115f36a02f4a265ffd6238bb352f8bf36c7b8083b0ea05080c0e
SSDEEP: 12288:60oU0UEneHuDY7nCkEPaT24WxsTQgMh9kK0KwGLy27UaMUW3GMvXO2:mxneHuDYukEPAWxsTQbzkK0UsaMZWMv7
Static task: static1
Behavioral task: behavioral1
Sample: 6b3990554ae53193bdcbf0aebd974d2f75089e1f3e573da9bcca4aaee5791202.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 6b3990554ae53193bdcbf0aebd974d2f75089e1f3e573da9bcca4aaee5791202.exe
Resource: win10v2004-20240508-en
Behavioral task: behavioral3
Sample: Skifterammers.ps1
Resource: win7-20240221-en
Behavioral task: behavioral4
Sample: Skifterammers.ps1
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: 6b3990554ae53193bdcbf0aebd974d2f75089e1f3e573da9bcca4aaee5791202.exe
Score: 8/10
Adds Run key to start application
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext
Target: Skifterammers.Uso
Size: 57KB
MD5: 9003b8c618556b66af0fc968095d8bba
SHA1: 33d8a69579e0bbc848f0f7e414b4a9ef846a57c6
SHA256: 9c2e0d7d7ebfef6a420673a5d0bf67ed30f881cf66d1b27ed85d997e1b11c1d9
SHA512: f62a4e3166a34f45bba3e8c802781c0a3bd228931f14de5891b65bb227a28becd7ab2daaaa5d9fbc19bd53fba27c41a63589e8355aec79744bfe4872ea6dffe0
SSDEEP: 1536:c/MTrs4O2qGhqZ8BXtsiVWIn702PqUws+qfTk+5pRYrnI:ckM4O2G8dVWIo2PqUP+qfT9l
Score: 8/10
Modifies Installed Components in the registry
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.