General

  • Target

    ed95fd0e520e0d2d96b5a9753fbaf0f191212e336009618422289e580a791c05.zip

  • Size

    4.1MB

  • MD5

    d2ecb8787897a2c8761c90effee19b85

  • SHA1

    a2f58dd1b698311c284d03a6f68ba55ad37d8afa

  • SHA256

    0e1b50b20fdf2e68eed48d9d7d342494d737bbe19ba5909546b265f34d34c8ad

  • SHA512

    a50b40773677a3ad48f7a6afe5fbaadcee55215eabd29b36614cb85a8f7e47ac8c30d3f76deb90b92d4d99f0c7178e6159c59b34d6ff83ffe0a01e645dc2bcff

  • SSDEEP

    98304:+FFB4zMFvROP1hDgiuEsLy9ll9B36fL88mH3ET3:+FFBkMFWv0UJ/36fLy32

Score
10/10

Malware Config

Extracted

Family

dynam1c

C2

https://api.telegram.org/bot6951024292:AAGprPl2um8HO9lZdZ74M1K9MYZVBdAyabA

Signatures

  • Dynam1c family
  • Detect suspicious telegram bot 1 IoCs

    Detect suspicious telegram bot.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • ed95fd0e520e0d2d96b5a9753fbaf0f191212e336009618422289e580a791c05.zip (.zip)

    Password: infected

  • ed95fd0e520e0d2d96b5a9753fbaf0f191212e336009618422289e580a791c05 (.exe windows:6 windows x64 arch:x64)

    Password: infected

    MD5: c2d457ad8ac36fc9f18d45bffcd450c2