General
-
Target
TheBloxyCola.zip
-
Size
25.3MB
-
Sample
240902-a4msgaxend
-
MD5
f3f59703e82592ad5e620452977d4b15
-
SHA1
a0fb0a04e8ab842c06cdcb0fc9860de9b0546269
-
SHA256
96759ddde502d38d9cd9c20577d8e31d6cc08fd543810ccb48be41cc9f16878c
-
SHA512
9b60faefa5ceedd75505b522e44fc3fe6da4c4a06c21626eecbb035022c48082a4458091218a9caaf29718987fdaf8c641f76283a3f051b032224e46871f23a0
-
SSDEEP
786432:rD8QQbWu4p2VP+TP1dnSV+e/SJaVPe/p3VL6tJrb:rLKWu4UVGbS/r2fL6tJrb
Malware Config
Targets
-
-
Target
OpenMe.py
-
Size
503B
-
MD5
89f9c3eefdfb8ac2f5512c37831041d2
-
SHA1
ae680be1207291d5207072ca81283b6877d0b4b3
-
SHA256
9a10f144b4a040934cddbcf91426622805a5670e95c19bc86d434811971db973
-
SHA512
8a83123c18535533291f6d2742f1ef6eb24b9faec66bd682ccad3532d087bce438f44e7f912554b97d48ff9f3b4e78c7955b8f5af470a72d480f69c6f8dd6869
Score3/10 -
-
-
Target
PluginStarter/StartCola.cmd
-
Size
2KB
-
MD5
54e98f7873935170fb3ea4e7138e2703
-
SHA1
57ad568a65020cfc43c15086efa4b618e74f9957
-
SHA256
3ab8259a4adead25473ae5ae48d9b7651721810d395d99669f96c95d12469fa8
-
SHA512
3bc2d683c9a5e88a65b02a906f75af23bd45974d91fc31e510ea3159f917c52f9e5fe2dac56807e8f1baa436d79f3316ccbb4c2dc450185b28cf44c1936c175b
Score8/10-
Blocklisted process makes network request
-
Command and Scripting Interpreter: PowerShell
Powershell Invoke Web Request.
-
Command and Scripting Interpreter: PowerShell
Using powershell.exe command.
-
Drops file in System32 directory
-
-
-
Target
python-3.12.4-amd64.exe
-
Size
25.5MB
-
MD5
f3df1be26cc7cbd8252ab5632b62d740
-
SHA1
3b1f54802b4cb8c02d1eb78fc79f95f91e8e49e4
-
SHA256
da5809df5cb05200b3a528a186f39b7d6186376ce051b0a393f1ddf67c995258
-
SHA512
2f9a11ffae6d9f1ed76bf816f28812fcba71f87080b0c92e52bfccb46243118c5803a7e25dd78003ca7d66501bfcdce8ff7c691c63c0038b0d409ca3842dcc89
-
SSDEEP
786432:zRd0l0X/46+nq1rcVqA5Z2bQcLsv0GlYrJF55e2nRk:L5P46+q1QTILMKB5e2nRk
Score4/10 -