General
Target: Lydisolerendes.exe
Size: 540KB
Sample: 241022-tsfdssterg
MD5: c102be4fe0f4b2daa8079f8e96d3dbf9
SHA1: 621ef9f2ec3b515811554c54fbc1876327ca9039
SHA256: d44e056cef3d42814519f4e2cb0bc609ffe8f1ab02bb49093ab9b04ba349e998
SHA512: dd1ab1ae628626ffc96ddc71076a70ef673dc22b0a3f10a888a43fec2fd89dba82b7158cc1460cec7753d61d60d40f3ce94d1c1c7c2833a31c4d9aa37f1eaf84
SSDEEP: 12288:DML8DpbWc2SiqNxMhG330KXWBtxsqUGy841Wks+ZHmkHN3HiPCpfBVx:ILYtRt0BxTZy84DHnHpHiwV
Static task: static1
Behavioral task: behavioral1
Sample: Lydisolerendes.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: Lydisolerendes.exe
Resource: win10v2004-20241007-en
Behavioral task: behavioral3
Sample: Lydisolerendes.exe
Resource: win11-20241007-en
Malware Config
Targets
Target: Lydisolerendes.exe
Score: 10/10
Loads dropped DLL
Legitimate hosting services abused for malware hosting/C2
Suspicious use of NtCreateThreadExHideFromDebugger
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext