General
Target: 12072024_1034_11072024_FV-GDS3535353 ROVANJO Udtryksfulderes.7z
Size: 4KB
Sample: 240712-mmfn2szcnj
MD5: 1126f7aec2c8928649464da292c06eec
SHA1: fbade0cb129da4d96c963320e81d1bed795f8e0f
SHA256: e8461927d0dd3ce82be9acb94260a79e7b52ee46257a376e9d3b88eccbf640d1
SHA512: 1ede6f08bfe303d80136d637491fde827a4265f7b159db674513db4f034b91813e6c029c8b118ba0a35bfa08efad4c0f4ad11e5b7a5fcfe4d13eaff8da4469ee
SSDEEP: 96:ZSmzCZR1n80GcmbXwB3+j0LOjQJG5OLdPdX:5CJn82mkBa2OjP5OZB
Static task: static1
Behavioral task: behavioral1
Sample: FV-GDS3535353 ROVANJO Udtryksfulderes.bat
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: FV-GDS3535353 ROVANJO Udtryksfulderes.bat
Resource: win10v2004-20240709-en
Malware Config
Targets
Target: FV-GDS3535353 ROVANJO Udtryksfulderes.bat
Size: 6KB
MD5: 60186cd9a2e82835bc143c1fb4662b7e
SHA1: 880c7f14743f9759b30bcc28085949122f54c20e
SHA256: b66081b0e5dfe21e03d1043700d7c05e65bda96ad33a6370c374217d5ae84405
SHA512: 98ca66c502178601cf1d568fb4b5ef122564f548eae2c82c9979207ea69398212f2b35571f3cc0696ec9edb70174a016c00ddd12fc26140d63196188e6f0f8b7
SSDEEP: 192:jOJVeUYLAKLt+IS0y+80TJco4Ga5y0p8te:QeAKZZS280FL3aw0aE
Score: 10/10
Blocklisted process makes network request
Adds Run key to start application
Suspicious use of NtCreateThreadExHideFromDebugger
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext