General
-
Target
seebestthingswithreadyforgoodthingstogetmebackwithnice________________verynicepeopleswithoofdthingswh9chreallynicefrogoofdpeoples________verygoodpeopleswithnew.doc
-
Size
111KB
-
Sample
241029-qqbfaaxjcm
-
MD5
b2daf885c5199ed93bfdafe0f3a33ae6
-
SHA1
3d2dba1d76e2bfcae449113de1597d0c725b3421
-
SHA256
e164bb4a190f79c58b836441a8f59bf3ead186f359fbac64b0e86e7e058c0efe
-
SHA512
662cf497918cabc230d8f857826cf6ed67b58288bd1dd8f61c617fe41b0a9034acc957716aa6f4e860d5546652d158be9b0aaec231034a8dad5a533dcb8381e2
-
SSDEEP
384:GSXY16lFxTu95qsyeYJZw9IHJkJhvO6CC9GBRKdEQj3Mh/xyc11wtSuQO7HBLOWk:hXc/XBoGGBgnj3Mh/71wtSuQULOWk
Static task
static1
Behavioral task
behavioral1
Sample
seebestthingswithreadyforgoodthingstogetmebackwithnice________________verynicepeopleswithoofdthingsw.rtf
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
seebestthingswithreadyforgoodthingstogetmebackwithnice________________verynicepeopleswithoofdthingsw.rtf
Resource
win10v2004-20241007-en
Malware Config
Extracted
https://drive.google.com/uc?export=download&id=1AIVgJJJv1F6vS4sUOybnH-sDvUhBYwur
Targets
-
Blocklisted process makes network request
-
Legitimate hosting services abused for malware hosting/C2
-
Drops file in System32 directory
-