General
-
Target
Due-Diligence-Checklist-For-Oil-And-Gas-Properties.7z
-
Size
6.4MB
-
Sample
240619-gyadhsvhkh
-
MD5
91a459c227f20791aff59f13a66b3723
-
SHA1
d5806d811789b753b9edcbb97412a333568bd001
-
SHA256
c16b701105afe180c77befa58f8140f9583a1b0538d13b43e52eb2b996885124
-
SHA512
41f8b82b6952bde961f1bbac1ccdbe88616c2ce0d4bae24e767ad3102fef13d2b7e7761d27225acc1563e8860c67d8a0a80cf895ae9f9d4c552c618db7022f69
-
SSDEEP
196608:5Nzmn6ULLY/M33Qz4WLO1iOALKgPMnmcl8k8:bmn6UnHQM11oLZPumcly
Static task
static1
Behavioral task
behavioral1
Sample
Due-Diligence-Checklist-For-Oil-And-Gas-Properties.msi
Resource
win10-20240404-en
Malware Config
Extracted
jupyter
SP-13
http://45.42.201.248
Targets
-
-
Target
Due-Diligence-Checklist-For-Oil-And-Gas-Properties.msi
-
Size
123.1MB
-
MD5
c4772d76029004a5512ea6e2ff3be39b
-
SHA1
6bda1d3e855a87e5295c933994c2bf58399999e9
-
SHA256
1197067d50dd5dd5af12e715e2cc00c0ba1ff738173928bbcfbbad1ee0a52f21
-
SHA512
12d2c556e47d6981b17b4db641391288d7a58c6de770500294eca1ae6dbb3a4734443f634c6acf8130400c45b351e7c6c0c6a08f9f98ab3533518735496503fc
-
SSDEEP
196608:gWbwgv5oCWjcY9NByzo3H3URiwSib+N6eXN:gWUgBoCWAfz+kRkiaNHXN
-
Jupyter Backdoor/Client payload
-
Blocklisted process makes network request
-
Drops startup file
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-