General
-
Target
8d97f71457a0a2977a82571583306c26.zip
-
Size
273KB
-
Sample
240831-d3z8ystdpq
-
MD5
dbf504ca675010603cbde841c9a2207c
-
SHA1
799194b7d8df429cdbce494767f106e6f5342a06
-
SHA256
c2a7f190f90a0517a791e5ad8bd8941f6639f84d7e45d6c3b3099adfae1b7e17
-
SHA512
8d4626334c7e9381979e4de7d193ff1e6c9b792df7debb530628b9b162216ebf67f4bd4e9e6b634c5e21c56aa8c2f2d71000027dd1b7197b1fd29d647c9ec511
-
SSDEEP
6144:9gZh+qGEB/WOqSVppu43eWTGtgCsfIJLR8kDX2PIWqm13k8A3:u8ElWOBVppHOSL6LekDX2gB8A3
Static task
static1
Behavioral task
behavioral1
Sample
a7c9e0bba10b853dd183f2c6b732bd0e1001f1a7b455007dc3022ff465b7797f.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
a7c9e0bba10b853dd183f2c6b732bd0e1001f1a7b455007dc3022ff465b7797f.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
oski
forum.daffodil-bd.com
Targets
-
-
Target
a7c9e0bba10b853dd183f2c6b732bd0e1001f1a7b455007dc3022ff465b7797f
-
Size
396KB
-
MD5
8d97f71457a0a2977a82571583306c26
-
SHA1
936800c740c13a3fc2e05a1c1376007f58002a7d
-
SHA256
a7c9e0bba10b853dd183f2c6b732bd0e1001f1a7b455007dc3022ff465b7797f
-
SHA512
5708375538d7b9927784809912a0b0588e200aaf62668226b9b83c2c4879306d989bef3033807bd7bb8989a56b58b2369b42327968f23f2dddc6d9b2975c51f5
-
SSDEEP
12288:7ycqterR53JplKiFwgxtQ9LdQAGAHUq/uzK6UA8t9HHHHHHHHHIHHHHHHczJXNAG:7QtervJXzQ9L
-
Credentials from Password Stores: Credentials from Web Browsers
Malicious Access or copy of Web Browser Credential store.
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-