General
Target: 1ac701f312d9e8422f4cdb3d527405a269c25ec0f28ef614080ce98dd9480128.exe
Size: 689KB
Sample: 240523-rstv3sec4x
MD5: 546f9b0627ba8679b8e9610bc1d7e24b
SHA1: 46192bc20df587e4ac55db8bce83e24dd3a1ba40
SHA256: 1ac701f312d9e8422f4cdb3d527405a269c25ec0f28ef614080ce98dd9480128
SHA512: 01876f5f66d9e277ff72596318f4170c84178dda783a98b3dd9c2fdd5fc0c925790ef32f36a1ef8e0af738b5b4761413eb2023e572b116ecd4f9688eb488672d
SSDEEP: 12288:60oU0UEneHuDY7nCkEPaT24WxsdUSFbE27UwvfGF9oZFuh9K35:mxneHuDYukEPAWxsWSFbXzveF9orzJ
Static task: static1
Behavioral task: behavioral1
  Sample: 1ac701f312d9e8422f4cdb3d527405a269c25ec0f28ef614080ce98dd9480128.exe
  Resource: win7-20240508-en
Behavioral task: behavioral2
  Sample: 1ac701f312d9e8422f4cdb3d527405a269c25ec0f28ef614080ce98dd9480128.exe
  Resource: win10v2004-20240508-en
Behavioral task: behavioral3
  Sample: Amortissement/Blokdiagrammets/Superline/Elogy.ps1
  Resource: win7-20240508-en
Behavioral task: behavioral4
  Sample: Amortissement/Blokdiagrammets/Superline/Elogy.ps1
  Resource: win10v2004-20240508-en
Malware Config
Targets
Target: 1ac701f312d9e8422f4cdb3d527405a269c25ec0f28ef614080ce98dd9480128.exe
Size: 689KB
Score: 10/10
Signatures:
- Adds Run key to start application
- Suspicious use of NtCreateThreadExHideFromDebugger
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
Target: Amortissement/Blokdiagrammets/Superline/Elogy.chi
Size: 55KB
MD5: 2b73e0d24d799259480051998efba53e
SHA1: fe97fa385a6b05cd610326714057ea525cee290c
SHA256: ed906e2d74ae966bee4d6df8643d016cbb29c15bfce975e2d50334ecf9a4ac07
SHA512: a07f4e7fa1f3982f602f4d36664824e5e8905a7299b6ebfa455b1d03c320efd213f9386da6a79aac67ea8b489514279ef372a43c8fe934d0995e8b7140c22430
SSDEEP: 768:qNowTSDmiDAEbVGfJQeVgeLkul6uMF+2cuLPkvGLho56+9RI380vna3JZdVD6k8j:qmwTG5D9bEWqgUkkd1vse/9x0/GdVK
Score: 8/10
Signatures:
- Modifies Installed Components in the registry
- Enumerates connected drives: attempts to read the root path of hard drives other than the default C: drive.