General
Target: Feather_2.zip
Size: 7.2MB
Sample: 240602-1j91dafh8t
MD5: 80a25bcd6c8d5b27e497cdbe36f2799b
SHA1: 8f0f45a96a1c9778d7f30e9047d1c73fc71d985c
SHA256: 222c53651a1c0d986b9b8387e4dc38c2b72bc41665728b22c5cea55d1ff4c01c
SHA512: 503e99bf0b9876538b70d57353b2b5afa77ef58c6ef873e7d269cbd9e00b6b60efe6cc89238f113ccf111697a2b6114b35aefcc5ea3ba69ad60ed2cd8e0b38c5
SSDEEP: 196608:V6LoohqUheKyIcGp5+Enfjt50bErf97Gl:V6LoGqUhEIcGLJnfjtCEhGl
Behavioral task: behavioral1
Sample: Feather (2).exe
Resource: win11-20240508-en
Behavioral task: behavioral2
Sample: 9�5)m.pyc
Resource: win11-20240426-en
Malware Config
Targets
Target: Feather (2).exe
Size: 7.3MB
MD5: 28cae84724826530a57c22c14ad8522b
SHA1: 5767ec1d30f35c0e27d0723dc128ead7e953bca1
SHA256: b21750e00aa3a8b2c29537acd0eae11438d6ebf5cde5434a6ad5b9d2e9eef7e1
SHA512: 8a8ccd351d82492f12c851654db4356d1d4a22258cbe1aa20bcf9c9c87cf572fa4cc04dc36ccdbdf4ccefdbb510b4e68749b36ea770ddda74e371cee217b94f4
SSDEEP: 196608:/rWAYS6ZOshoKMuIkhVastRL5Di3uh1D7J7:FYSaOshouIkPftRL54YRJ7
- Command and Scripting Interpreter: PowerShell
  Run PowerShell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
Target: 9�5)m.pyc
Size: 1KB
MD5: 19fc96e0cb5610953d2dccab6e061340
SHA1: 154929dbb6d7a49842e304e554972fe45299ead0
SHA256: c346e706e1ce40a6df77764fc5ab97c81bc0bbd3299f3f20b196f4306466c75b
SHA512: 951d51b03d269c58d0afbe1b59023f29be2ae3ea515e7ac8941d81462ffecd31b65626e7bfe39d1e74e906f783578e27666b7521a68956a687e4dd19e4e75fd3
Score: 1/10