General
-
Target
Office_365_ProPlus_-_Online_Installer-RSLOAD.NET-.rar
-
Size
2.5MB
-
Sample
240606-r1h4jsfe6v
-
MD5
a36983e8ac6c8c81825a6405bec34bd4
-
SHA1
1416393b5d76067adeac7c59c2eec046d402be3d
-
SHA256
d9eaf7d0ff05d071de98c0f54cf0cde63741fbf237c0a0246f61245ad3de97fb
-
SHA512
55f58160c5142bacf768be519077865932bd8d664b4df1ed0d400a5c02e29d3315994a7f53b8c1e93402da76e42e340997a7acb12afa629ec3e50be9adcb77fa
-
SSDEEP
49152:XsPZpXO3L6GdoHC6/f8qFHXoxnM627fJYS2Rs/u+qzYmIDDrH5MM:Xs8TdP6/Eq3oxn9AfepW/u+atkT
Static task
static1
Behavioral task
behavioral1
Sample
Office_365_ProPlus_-_Online_Installer-RSLOAD.NET-/Office 365 Setup.cmd
Resource
win11-20240419-en
Behavioral task
behavioral2
Sample
Office_365_ProPlus_-_Online_Installer-RSLOAD.NET-/setup.exe
Resource
win11-20240508-en
Malware Config
Targets
-
Target
Office_365_ProPlus_-_Online_Installer-RSLOAD.NET-/Office 365 Setup.cmd
-
Size
20KB
-
MD5
205430e5a831f37c417e2fd9ced824f1
-
SHA1
ccfc2d84cd657858c7893217d4a03ec048ae4bc0
-
SHA256
5e431e9247a3f872b658b83e68335f2cc6a45ee3183813226697c74d56e4a8fc
-
SHA512
32820ed449b3251ef82393f20968c30b362b238257037ad035b6a561d970a3ee6c1ca00bc7800e5e3f8c556de4571d9a19f435190a6c54c9c3205936ca9362b1
-
SSDEEP
384:Id0a0fvb/SzSydrK7ffHMYnBLyelLgsb5mSpfO/IkWIVmSHLOLjQSmgleIX9cs+q:oJ7WIVmSH6LjQSmgleIX9cs+2bXSL5PW
Score
7/10
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks system information in the registry
System information is often read in order to detect sandboxing environments.
-
Drops file in System32 directory
-
Target
Office_365_ProPlus_-_Online_Installer-RSLOAD.NET-/setup.exe
-
Size
7.3MB
-
MD5
db64720421a8002939227a173ab7a570
-
SHA1
6f13423dc9544ba5e1c07370d314916b73dfd8c2
-
SHA256
74b91e528ed9f80bf8a799b42045b8c9bb6758cde2c5a6efb2bda387b3ec0071
-
SHA512
2adbbc05a4de38d39f4a8c61e49167e04f1e36ffdf8ab5447b0d262b049fff7b6b14b775e6730e495403eb738a0a82f9c42dd1fe31678c3687bf921b3b50822c
-
SSDEEP
196608:C8scV6cNSQnDiPpIDIJomtmn+JbDKug1i/Wz4aI6HMaJTtGbV:CYV6cNeIwtmn+J3/Wz6
Score
5/10
-
Checks system information in the registry
System information is often read in order to detect sandboxing environments.
-