General
Target: Debug.rar
Size: 925KB
Sample: 240613-sbqb1axfpn

Static task: static1
Behavioral task behavioral1: sample Debug.rar, resource win7-20240611-en
Behavioral task behavioral2: sample Debug.rar, resource win10v2004-20240508-en
Behavioral task behavioral3: sample Debug.exe, resource win7-20240220-en
Behavioral task behavioral4: sample Debug.exe, resource win10v2004-20240508-en
Behavioral task behavioral5: sample Mono.Cecil.Mdb.dll, resource win7-20240611-en
Behavioral task behavioral6: sample Mono.Cecil.Mdb.dll, resource win10v2004-20240508-en
Behavioral task behavioral7: sample Mono.Cecil.dll, resource win7-20240611-en
Behavioral task behavioral8: sample Mono.Cecil.dll, resource win10v2004-20240611-en
Behavioral task behavioral9: sample Open.Nat.dll, resource win7-20240508-en
Behavioral task behavioral10: sample Open.Nat.dll, resource win10v2004-20240611-en
Behavioral task behavioral11: sample protobuf-net.Core.dll, resource win7-20240611-en
Behavioral task behavioral12: sample protobuf-net.Core.dll, resource win10v2004-20240508-en

Malware Config
Targets

Target: Debug.rar
Size: 925KB
Score: 3/10

Target: Debug.exe
Size: 627KB
Score: 8/10
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory
Suspicious use of SetThreadContext

Target: Mono.Cecil.Mdb.dll
Size: 42KB
Score: 1/10

Target: Mono.Cecil.dll
Size: 350KB
Score: 1/10

Target: Open.Nat.dll
Size: 68KB
Score: 1/10

Target: protobuf-net.Core.dll
Size: 280KB
Score: 1/10