Behavioral task: behavioral1
Sample: 1721304906070746219b5d08004f4e1b9c727f3ac75724696f9d0b3809f4a8cc6a17ecac83966.dat-decoded.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 1721304906070746219b5d08004f4e1b9c727f3ac75724696f9d0b3809f4a8cc6a17ecac83966.dat-decoded.exe
Resource: win10v2004-20240709-en
General
Target: 1721304906070746219b5d08004f4e1b9c727f3ac75724696f9d0b3809f4a8cc6a17ecac83966.dat-decoded.exe
Size: 185KB
MD5: 6a67106e88d371f083d1176c40d910a8
SHA1: c9150ed72eca5bc210fc4e484d0b60fffdd7f115
SHA256: ea9ccc051db7919d082ce7aa22386665e395a196ae870982e8897d8b81fd1f5b
SHA512: 542a74d6f657005bb169139870f3a5dcc0a2e604181ddc3a81114305f09e728afc4ea1ac5e27bef03cc89aaf25e6a85fddb79d2eff260a817dc87417da644ab2
SSDEEP: 3072:efANPkOPkBwge3EnaMm7yKaj2K5j5h+ZNWHHfVQwaQl2nU4M0u4:N84EaM4yKaj2s5hfHH7tf4fu
Malware Config
Extracted
formbook
4.1
sk49
Signatures
Files
1721304906070746219b5d08004f4e1b9c727f3ac75724696f9d0b3809f4a8cc6a17ecac83966.dat-decoded.exe.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 180KB - Virtual size: 180KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ