Behavioral task: behavioral1
Sample: tebo-ictview.4.0-patch.zip
Resource: win7-20240903-en

Behavioral task: behavioral2
Sample: tebo-ictview.4.0-patch.zip
Resource: win10v2004-20241007-en

General
Target: tebo-ictview.4.0-patch.zip
Size: 531KB
MD5: cad2506fdf50bc3cca25f582049984d0
SHA1: e141d367b764623ffb37801a3c7a4a15a07988df
SHA256: 5217148419fc18f5b476d74431d7a437d0f4e2ca43017b8b69507d1e200b378b
SHA512: 34e3431a681d7b890e3e78d32f9716fc51857600d0d57e865a5c30fda780c38415fc884f2b9fc3921c3f4705d19ca192dddb76671dc1d952485d904aa250e29f
SSDEEP: 12288:uW+lzoSzhyYn+0gbmn9RY5fhvLddM93vQv0Os34:Dw5Fnxmmn4VxZ+3W014

Malware Config
Signatures
Files
tebo-ictview.4.0-patch.zip.zip
1. FILES SOURCE LINK.url.url
1. README!!!-ПРОЧТИ!!!.txt
QRcod.png.png
https://t.me/DeviceDBadd_bot
tebo-ictview.4.0-patch.exe.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: - Virtual size: 428KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.xiaohui Size: 412KB - Virtual size: 416KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE