General

  • Target

    240819-ffkk4ajp3z_pw_infected.zip

  • Size

    40KB

  • MD5

    4f6b7e99d9d9a989cf30057fa7b3441c

  • SHA1

    1dbd38c29ef45c3f24a5f985c126b745788bf1aa

  • SHA256

    5450438a57c00c3acdf40552dce8ed12387450fc86cba3fcd61275c882b6c90a

  • SHA512

    062c459047b1f3c93a87ae775ce989d17f3357e8ce08650694e3a6965c6e59c742613d61bad994a59bb3f28aea120f5d36ecce561bc0e6e3882bc5b4da0a1b2b

  • SSDEEP

    768:xRt27eNhfBFxBegSukaevxFF44ur5C/JxKU9nVeKM/qDoAlyBghiGsQW6qea4:/t2KNhfBFxBeLu8x44ur5C/JwIn4dMcy

Score
10/10

Malware Config

  • Extracted

    Family: phemedrone

    C2: https://playerenterprises.org/test/gate.php

Signatures

  • Phemedrone family
  • Unsigned PE (1 IoC)

    Checks for a missing Authenticode signature on the dropped executable.
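The "Unsigned PE" signature above amounts to reading the Certificate Table entry (index 4) of the PE optional header's data directory: if its offset and size are both zero, the file carries no Authenticode blob. The following is an added example, not the sandbox's own detection code, that performs that check with nothing but the standard library and ships a constructed header-only PE32 image for offline testing. The helper names and the test image are assumptions of this example; the sample hashes on this page are not embedded.

```python
import struct
import sys

IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # Certificate Table index in the data directory


def has_authenticode_signature(data: bytes) -> bool:
    """Return True if the PE's Certificate Table entry points at a
    WIN_CERTIFICATE blob inside the file, False if the entry is empty.
    Raises ValueError on malformed input so that a truncated or
    corrupted sample is never silently reported as 'unsigned'."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    size_of_optional = struct.unpack_from("<H", data, coff + 16)[0]
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:          # PE32 (32-bit image, as on this page)
        num_dirs_off, dirs_off = opt + 92, opt + 96
    elif magic == 0x20B:        # PE32+ (64-bit image)
        num_dirs_off, dirs_off = opt + 108, opt + 112
    else:
        raise ValueError(f"unknown optional header magic 0x{magic:x}")
    num_dirs = struct.unpack_from("<I", data, num_dirs_off)[0]
    entry = dirs_off + IMAGE_DIRECTORY_ENTRY_SECURITY * 8
    if num_dirs <= IMAGE_DIRECTORY_ENTRY_SECURITY or entry + 8 > opt + size_of_optional:
        return False            # header declares no Certificate Table entry at all
    # Unlike other directory entries, this "VirtualAddress" is a raw file offset.
    offset, size = struct.unpack_from("<II", data, entry)
    if offset == 0 or size == 0:
        return False
    if offset + size > len(data):
        raise ValueError("Certificate Table points outside the file")
    return True


def build_minimal_pe32(security_offset: int = 0, security_size: int = 0,
                       trailing: bytes = b"") -> bytes:
    """Constructed test input (assumption of this example): a header-only
    PE32 image with no sections, optionally pointing its Certificate Table
    at `trailing` bytes appended after the headers."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)                 # e_lfanew
    # COFF header: Machine=i386, 0 sections, SizeOfOptionalHeader=224
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 224, 0x0102)
    opt = bytearray(224)                                    # 96 fixed + 16 dirs * 8
    struct.pack_into("<H", opt, 0, 0x10B)                   # PE32 magic
    struct.pack_into("<I", opt, 92, 16)                     # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 96 + IMAGE_DIRECTORY_ENTRY_SECURITY * 8,
                     security_offset, security_size)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + trailing


if __name__ == "__main__":
    with open(sys.argv[1], "rb") as fh:
        print("signed" if has_authenticode_signature(fh.read()) else "UNSIGNED")
```

A True result only means a certificate blob is present; it says nothing about whether the signature verifies, matches the file's hash, or chains to a trusted root, which is what a tool such as osslsigncode or signtool is for. For triage purposes the absence case is the useful one, since a stealer build like this sample typically ships with no certificate at all.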

Files

  • 240819-ffkk4ajp3z_pw_infected.zip
    Type: .zip

    Password: infected

  • 9ea494b525c4676e63f943e2d1dba751c377b9138613003c80d14ddfaed6883e
    Type: .exe
    Tags: windows:4, windows, x86, arch:x86

    Password: infected

    MD5: f34d5f2d4577ed6d9ceec516c1f5a744