General
-
Target
30052024_1419_28052024_JUSTI TRANF IVECO 28-05-pdf.tar
-
Size
746KB
-
Sample
240530-rm7jzsce48
-
MD5
63eaaf464ead04c71f13ac6e398f1d2c
-
SHA1
a47bfbedab759679ea47a1a3ed24b84dcf090e26
-
SHA256
9e76c6085cfa58f7e4f20a5b2c67d7fb01c805951f937f81133d5ef5bef8589c
-
SHA512
1e5a66919a6f5f91cbfa309d2184f51ff288d5e0affbe57746fe5c760584e2925188476b2ea1ccb5862e1820a7649b4afca97d2b86f62bb3b484f1cc66898542
-
SSDEEP
12288:RDDMfZUar2EYYPG0U0A6TxjiG6NbZU7WURBh:dARCUPG09vTxjZ6pZUtRBh
Static task
static1
Behavioral task
behavioral1
Sample
Omstningsudviklingers.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
Omstningsudviklingers.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240221-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/nsExec.dll
Resource
win7-20240508-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/nsExec.dll
Resource
win10v2004-20240426-en
Malware Config
Targets
-
Target
Omstningsudviklingers.exe
-
Size
744KB
-
MD5
c0bc933adf17e3ed27f0d44f2ad0f529
-
SHA1
0b1557ee8098762d744bff018c285d1f912642f4
-
SHA256
98dd3245e6b2d823f036b8ba6c852ee3bc744e53e329054e6569a4710290e2c9
-
SHA512
906bbeccbde2e0583985d569097e4716b945bd303d582c2d80332d3c60677efa979c081ec9b63d825703abdda72ce0e350aadde50567e5cd8f5712355b1cc9c6
-
SSDEEP
12288:aDDMfZUar2EYYPG0U0A6TxjiG6NbZU7WURBhV:KARCUPG09vTxjZ6pZUtRBhV
Score 7/10
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
Drops file in System32 directory
-
Suspicious use of NtCreateThreadExHideFromDebugger
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-
Target
$PLUGINSDIR/System.dll
-
Size
12KB
-
MD5
6c38da8922cc37b4bbb77de4a63ad843
-
SHA1
4e0533fd11df8bddbd543ed58df7b6060d9f4631
-
SHA256
1624d9ad8b2e2658af224691263f64388ba3a997efe80011889e3c35237ce4c1
-
SHA512
ad0be3d7e57da9c304e9b9cac5341b6c76b157456ab44f5579d6c38c830a31c9c3e1e9a875b8f465243c607ea2ede6b0bb77237f17a70a4d4c78606e036c3430
-
SSDEEP
192:wA1YOTDExj7EFrYCT4E8y3hoSdtTgwF43E7QbGPXI9uIc6gn9Mw:QR7SrtTv53tdtTgwF4SQbGPX36g9Mw
Score 3/10
-
Target
$PLUGINSDIR/nsExec.dll
-
Size
7KB
-
MD5
052099395689171cf64bf4a868e6a9be
-
SHA1
9581e80b223226eee5f726f38b3e966fdc5bbfad
-
SHA256
99fc8f647bfff3655dcd4ec577d79ec4102fb3a68b567282ba0b51e0b5262802
-
SHA512
f45e38314e10129d3cceaefa918b25a432c67db8bf73f110a6957ca7f5cc96db749601fed550e0357bf67c84de2721d9692b8785c295fc7a1537b42c68b461a9
-
SSDEEP
96:rVl/7KOuFlKHMpXGu8FX6eT3sQk1u2QmIGjbAQvL7hDAbUlV:rVl+hSs2u85TTHkZQmbbLL7hDMo
Score 3/10