General
-
Target
92a8cc4e385f170db300de8d423686eeeec72a32475a9356d967bee9e3453138.vbs
-
Size
74KB
-
Sample
241018-cnfekatdrn
-
MD5
acfba6ff2e80e0ebc80df9e7d326337c
-
SHA1
fe28d5756815fdac31a744a2f11c075f5b1892bc
-
SHA256
92a8cc4e385f170db300de8d423686eeeec72a32475a9356d967bee9e3453138
-
SHA512
2dcea669b4b3135bca6eba88542948188e25fb040db0a83bac03957b1fd59037998e7bb4a38774115ca051f07cbeacf99fd95113321e6c8fae4568a2e4e30f00
-
SSDEEP
768:BfaGWSO85ALmEcHUfkJ7Bate4LV1VZ6Y3PaNNHpXKMcpgUj:gGZALNcH77BajLbf61NR1pcbj
Static task
static1
Behavioral task
behavioral1
Sample
92a8cc4e385f170db300de8d423686eeeec72a32475a9356d967bee9e3453138.hta
Resource
win7-20240903-en
Malware Config
Extracted
stealc
sneprivate29
http://95.182.97.58
-
url_path
/84b7b6f977dd1c65.php
Targets
-
Detects HijackLoader (aka IDAT Loader)
-
Blocklisted process makes network request
-
Download via BitsAdmin
-
Downloads MZ/PE file
-
Suspicious use of SetThreadContext
-