General

  • Target

    CONTI7_DC01_2024-10-10_14_49_55.355.zip

  • Size

    15KB

  • MD5

    5e10f1fa13f069f7f72a1c3ce2bafc45

  • SHA1

    d9cd5327e39f99bfb2adbce965ee233ba3c64d76

  • SHA256

    d71a495b53c55ff380ae9e5d9eb31e2162df33e52ef8a0d77066c086108dd1f9

  • SHA512

    06f41a1b3133e407de9b2be7acc2d3fd62789319f1554240ed898f5d5c2d3f3e621d2d363a40fe0d5bf49932979c2999c69cbba5b1bc686b55357411ab4032f1

  • SSDEEP

    384:NOLI1WjNqXFfMrm5txm6bxdbmFZc1HquJ0dVjXnIJ34xnJTqq:N8jNqV+6bxC6mlX83I1qq

Score
3/10

Malware Config

Signatures

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • CONTI7_DC01_2024-10-10_14_49_55.355.zip
    .zip

    Password: infected123!

  • Device/HarddiskVolume2/Program Files/NSClient++/scripts/check_azureadconnectsync.exe
    .exe .ps1 windows:4 windows x86 arch:x86 polyglot

    Password: infected123!

    f34d5f2d4577ed6d9ceec516c1f5a744



  • manifest.json