General
Target: VIM.exe
Size: 7.2MB
Sample: 240528-3zmwwsag72
MD5: 165a6f77d8558e08eadefdb749bb18c0
SHA1: 1f0572d93a05b9d85b122ebef42a02811b5fd772
SHA256: 5242437d464d1ceaae57e43d8bcea605d17ea7debe5626e0b509c31ccbced159
SHA512: 8e777bd30748262de141b079aa7246da69c0a218ff1bf40e11e07af58e9ff8ff3f506edd515a1d9436df389656729cbd28e6c1676c9fffd7dde95ce6c32dce1e
SSDEEP: 196608:edU8EkuA3uWJysVYvsONtdIQLOMIdiwmnoriXWDhs:a9EYeWJ8taL/d2or5
Behavioral task: behavioral1, Sample: VIM.exe, Resource: win10-20240404-en
Behavioral task: behavioral2, Sample: VIM.exe, Resource: win10v2004-20240508-en
Behavioral task: behavioral3, Sample: main.pyc, Resource: win10-20240404-en
Behavioral task: behavioral4, Sample: main.pyc, Resource: win10v2004-20240508-en
Malware Config
Targets
Target: VIM.exe
Score: 7/10
Loads dropped DLL
Legitimate hosting services abused for malware hosting/C2
Target: main.pyc
Size: 744B
MD5: 67e7e6aba7aaf860bbb9bcf46985527f
SHA1: 0927774643415497a479b29384e57af1059d3b67
SHA256: 8961015fabb8e58a4622593b8f4a719c0e9927041007ad474116efcb4dab5fae
SHA512: cf40cb76061cdf53a1afe350eea4752d8b9fcdd41460a2272de45f1799f63555b95b77914820810de2b68264873ed72823ce4f3ec1254b1779a553521284d158
Score: 3/10