General
-
Target
Telegram.lnk
-
Size
1KB
-
Sample
240718-k1t3gs1grq
-
MD5
f41af6e5d14c7c68a9a3093d709579a6
-
SHA1
ee2548e831fb3a16f980c16992acfc4411afa1a5
-
SHA256
85e3c92814e9abdbf40c9161e51fe7b141eba071e3419da242c7b9608ee6f81d
-
SHA512
afc297dfbd93f7a33222bca486bc7cf87feb73156ecdb1c9ec85a4c6b6d9aac83583c68727a01178adf792e6a0c30e5d9c58a924cf275f5f9578613754866d0e
Static task
static1
Behavioral task
behavioral1
Sample
Telegram.lnk
Resource
win10v2004-20240709-en
Malware Config
Extracted
C:\Users\Admin\Downloads\Telegram Desktop\Май7\[GT]45.183.221.3\Important Files\Desktop\BACKUP ELI MORALES 151223\DOCUMENTOS\bQ8ODxIi2.README.txt
Extracted
C:\Users\Admin\Downloads\Telegram Desktop\Май9\ES_85.251.25.209_09-05-2024\Files\desktop\CAJA DE PANDORA\OPOSICION\Oposiciones Auxiliar SAS\_openme.txt
https://www.sendspace.com/file/1sg7f3
Targets
-
-
Target
Telegram.lnk
-
Size
1KB
-
MD5
f41af6e5d14c7c68a9a3093d709579a6
-
SHA1
ee2548e831fb3a16f980c16992acfc4411afa1a5
-
SHA256
85e3c92814e9abdbf40c9161e51fe7b141eba071e3419da242c7b9608ee6f81d
-
SHA512
afc297dfbd93f7a33222bca486bc7cf87feb73156ecdb1c9ec85a4c6b6d9aac83583c68727a01178adf792e6a0c30e5d9c58a924cf275f5f9578613754866d0e
Score10/10-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-