General
-
Target
INVOICE.scr.exe
-
Size
393KB
-
Sample
241104-shv6tsvjfn
-
MD5
4da064c180a8e2c32320663d4315f270
-
SHA1
d847da8050203241b32e0664eaf2aae555ed6b73
-
SHA256
3fa4ae4ae197fa29bb3b99af1b7b786fc125d4d6248e2198570332c67c120a53
-
SHA512
51819d6193ce7e31d33f984c33772867c503792b180cd7f480a1b06af4e056da34689481e8bb99a9036fcba1bed8158af244c72c038ed3d1ae4e552dcc209e66
-
SSDEEP
6144:WIrwD4t4+Lax3nA++V+8FWzCFdbCeDJzikdg3xlRG14AprHFrVRy8SEf:vr64t4+Lax3rfegkde5WHFrm8SE
Static task
static1
Behavioral task
behavioral1
Sample
INVOICE.scr.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
INVOICE.scr.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
INVOICE.scr.exe
-
Size
393KB
-
MD5
4da064c180a8e2c32320663d4315f270
-
SHA1
d847da8050203241b32e0664eaf2aae555ed6b73
-
SHA256
3fa4ae4ae197fa29bb3b99af1b7b786fc125d4d6248e2198570332c67c120a53
-
SHA512
51819d6193ce7e31d33f984c33772867c503792b180cd7f480a1b06af4e056da34689481e8bb99a9036fcba1bed8158af244c72c038ed3d1ae4e552dcc209e66
-
SSDEEP
6144:WIrwD4t4+Lax3nA++V+8FWzCFdbCeDJzikdg3xlRG14AprHFrVRy8SEf:vr64t4+Lax3rfegkde5WHFrm8SE
Score10/10-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Drops startup file
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-