General
Target
backdoorppt-1.5.zip
Size
3.1MB
Sample
240612-ra312a1ekn
MD5
2918025cec189ab81b8e5a0de0ef23ac
SHA1
c670bb180c5e321e48ebcac7f9b46e5441bef3eb
SHA256
d2677e459729ff7027760e712ed6e3bc6c066c91b253eef419bbbe65956effa7
SHA512
97c757b1a6acb661c63945f8551ddec114123a21afec2c88602a13fa0e9dad54ce5645f30ecf84f5402b4caa8b8ab968ae276a1e81dd89fea82c125c1668366c
SSDEEP
98304:MOc58kgI5NIlwEfnK1uCwqNnPLHn8X3blBWF1M3u:MOcDgI5NQwaPCwLbl0F13
Static task
static1
Behavioral task
behavioral1
Sample
backdoorppt-1.5/backdoorppt.sh
Resource
ubuntu1804-amd64-20240508-en
Behavioral task
behavioral2
Sample
backdoorppt-1.5/backdoorppt.sh
Resource
debian9-armhf-20240418-en
Behavioral task
behavioral3
Sample
backdoorppt-1.5/backdoorppt.sh
Resource
debian9-mipsbe-20240611-en
Behavioral task
behavioral4
Sample
backdoorppt-1.5/backdoorppt.sh
Resource
debian9-mipsel-20240418-en
Behavioral task
behavioral5
Sample
backdoorppt-1.5/bin/reshacker_setup.exe
Resource
win7-20240611-en
Behavioral task
behavioral6
Sample
backdoorppt-1.5/bin/reshacker_setup.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
Target
backdoorppt-1.5/backdoorppt.sh
Size
6KB
MD5
bb1ecba96eecdd33a699baae87493461
SHA1
d26c29453d7ad26d4d76ad670f3fa9677c0d6afa
SHA256
3b1c52c781a608b1d109ff752a5a85a908e9cc66945187bfe96ab2d963550063
SHA512
c6881235c28b09f3d5ff5b6699104ba8b055de60ca963ad1e85571093e03959b3618286194cadf2f2ad9eb91f156d26e4b19417cf9c1084f24f10e593999d993
SSDEEP
96:q7dh9vNt8bFC5PSiWEhpgL9XI5Yg8CbDV8JWKb9gFtzPvHyRt2OeLEgGeL74aqjp:oUImotH6t9gFNvHykLrBL79xcnbp
Score 1/10
Target
backdoorppt-1.5/bin/reshacker_setup.exe
Size
2.8MB
MD5
78d293bea40e7e159728eecfa86ec085
SHA1
34a3755fc7aaa65c9658805548a089b43c283940
SHA256
32d9aa920d4d97e799fbb630f9bbc4597b52281692175688b6a582501eb0a683
SHA512
1b9e02e213615a5460025ce85caea11cc86f9eeb6312e9f4efd6721fa330baa10e9f1c1c50c1331db869491f95e5c7442b2eb0b5c313a7c7e8c799f2a64d8ef7
SSDEEP
49152:z75dymiIQzxc0lkwPgusmOuRxPDo1aShQDqdoEaANz+j3KukuTn9fy9QbFFH192P:X5oP2MguLPqxCW7N6j6ukuTnBbbV8jHT
Score 7/10
Executes dropped EXE
Loads dropped DLL
Modifies system executable filetype association
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.