Overview: score 9
Static: score 1
ChromiumUpdate.exe (windows7-x64): score 9
ChromiumUpdate.exe (windows10-2004-x64): score 9
Dreksite-m...t.html (windows7-x64): score 3
Dreksite-m...t.html (windows10-2004-x64): score 3
Dreksite-m...s.html (windows7-x64): score 3
Dreksite-m...s.html (windows10-2004-x64): score 3
Dreksite-m...f.html (windows7-x64): score 3
Dreksite-m...f.html (windows10-2004-x64): score 3
Dreksite-m...t.html (windows7-x64): score 3
Dreksite-m...t.html (windows10-2004-x64): score 3
Dreksite-m...x.html (windows7-x64): score 3
Dreksite-m...x.html (windows10-2004-x64): score 3
Dreksite-m...n.html (windows7-x64): score 3
Dreksite-m...n.html (windows10-2004-x64): score 3
Dreksite-m...p.html (windows7-x64): score 3
Dreksite-m...p.html (windows10-2004-x64): score 3
General
-
Target
4dc685094aac4273f7bee8a6f2f2ec241606626cba0213491a898b2fcf67151f
-
Size
18.7MB
-
Sample
241109-xlfyjazfjr
-
MD5
73fe2eb11ea63240a962b95cdcabf2ab
-
SHA1
f6e6f4a5f6730be5720a12bc2289ae8cd9b89a7f
-
SHA256
4dc685094aac4273f7bee8a6f2f2ec241606626cba0213491a898b2fcf67151f
-
SHA512
29848a646a117bb048e4157504ad9333137878bcdda21fba348ef1512c8a7268ada697872606cd876a42a2352a1e5ae09feb447b63e7f3a2620ab26aee785ccc
-
SSDEEP
393216:f5C6+8d007mKtcYTHSJXKA7EaybFDp8U3Kjyqum7KoJ:f53+8FOXQPbX8UiyiGoJ
Static task: static1
Behavioral task | Sample | Resource
behavioral1 | ChromiumUpdate.exe | win7-20241010-en
behavioral2 | ChromiumUpdate.exe | win10v2004-20241007-en
behavioral3 | Dreksite-main/about.html | win7-20240903-en
behavioral4 | Dreksite-main/about.html | win10v2004-20241007-en
behavioral5 | Dreksite-main/affiliaties.html | win7-20240903-en
behavioral6 | Dreksite-main/affiliaties.html | win10v2004-20241007-en
behavioral7 | Dreksite-main/bedrijf.html | win7-20241010-en
behavioral8 | Dreksite-main/bedrijf.html | win10v2004-20241007-en
behavioral9 | Dreksite-main/contact.html | win7-20240903-en
behavioral10 | Dreksite-main/contact.html | win10v2004-20241007-en
behavioral11 | Dreksite-main/index.html | win7-20240708-en
behavioral12 | Dreksite-main/index.html | win10v2004-20241007-en
behavioral13 | Dreksite-main/intradrek/admin/includes/head_section.html | win7-20241010-en
behavioral14 | Dreksite-main/intradrek/admin/includes/head_section.html | win10v2004-20241007-en
behavioral15 | Dreksite-main/osdorp.html | win7-20241023-en
behavioral16 | Dreksite-main/osdorp.html | win10v2004-20241007-en
Malware Config
Targets
-
Target
ChromiumUpdate.exe
-
Size
766.8MB
-
MD5
bbcda30b04ba64717c6ad8118241b9af
-
SHA1
46fe91bf2abf0b956bb248402b695afb9673a738
-
SHA256
0842a9a58afbc69063f4ded76768549f78ae0dbfe717807be6fccc522e6a6f6e
-
SHA512
9b6fe9b489b13922942180332f83b2049acec00d934d0cb6bde3acbbebd3aadcaa43a165f6e49ecc56e479c2c2f2f0885e1d92b209e542305a7e7cae360af20a
-
SSDEEP
98304:ANCq6BaDYlKeUJQDqxRqq8KMOXuUESNrT9GpHWB:ANYacrDIqjKMUne4
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Target
Dreksite-main/about.php
-
Size
3KB
-
MD5
4c634bb36903c42c39adb873b1836d05
-
SHA1
4631d1165ea4616aac117767a787a10f9f595265
-
SHA256
e5a052e16d88a0257f9c1e290c679da3cfc79c2590cf6553df7c1ce61db5b120
-
SHA512
40e5f4e867a2ef179ee1e1dab85bdd1d8583811edf289e165d782a774ade07fa9e01e43a377522af43e8261f8ac7d56b461b35d29126f5118e3f447017e6bd1f
Score 3/10
-
Target
Dreksite-main/affiliaties.php
-
Size
2KB
-
MD5
6058a775265e01eb7f01f72738c48157
-
SHA1
821651933c8c86d63d3f63bac52da13c27f80220
-
SHA256
a68c38753e97d6a22ab7f1487ac2f0e024031924a2350ef945f0cb0c2914c314
-
SHA512
cd5d07a726c54785b978f682164145af27973380e6604285d6d97cb83fe730a597fca81db4ec1b9f6aafd8ebb4b03eb80df0b94c97d64e7b00ae210373f6f0e6
Score 3/10
-
Target
Dreksite-main/bedrijf.php
-
Size
2KB
-
MD5
87700d5e87a8f8cadb1e498b204e0f88
-
SHA1
9d32e0871ba96f25ecd08a65e8a904ebb4f6ddf6
-
SHA256
2e3d9cb4fc0904b75c2c5772c3eec2acb5d37a378ccb267e16898ba105727733
-
SHA512
eb2c50cf2b8268e3d760b71677a95b5d262e9986dba665459f97e8dc60bbb2cd0373d05b8cc41aa13168a771939b53d989fa23847d7a72f0d45cf7356ad4f1d7
Score 3/10
-
Target
Dreksite-main/contact.php
-
Size
3KB
-
MD5
14882721c0ae2374b90d34fbb7b37aca
-
SHA1
12e557e6b3f16b573dfcbc7e43c42b86d50ec47e
-
SHA256
3282e18bb450903bdd5f018db38b85b654d61864cc667e64e1141a088ea3499a
-
SHA512
b1cbd6b56f93df823ac740b516719daaf7b0fbdeb8dd3058052d90d0451af1bdc6bd631a6dac8bdce0335a48ea88b047e68769870951324de59461b85faca2c7
Score 3/10
-
Target
Dreksite-main/index.php
-
Size
1KB
-
MD5
7fc7c31bc615dd019aa088a7fc9ca469
-
SHA1
bd4f4978dbb1962d1d70bed5f691224be8dc4b30
-
SHA256
7d9d16a95ae255a98cd48a298aa6d9c0ee40ff7dcb8307a64e2f19b59bee3b9d
-
SHA512
050a321556aacc66daa75c3e0788cf136da5b00c0aee6ea273a464b3079159ccdc43670463fea0539fffb2574a2aaa2997b2a4def9449dceb25bd3685ebb2220
Score 3/10
-
Target
Dreksite-main/intradrek/admin/includes/head_section.php
-
Size
547B
-
MD5
eed52051945d015e43f90f31879f0f98
-
SHA1
6c5d70cec95406227109021a659778894295ac9c
-
SHA256
aa8242872f9e99dc5c5b9f937e841e9172447f3729b050798dc95ad9e04df8a9
-
SHA512
de51731164bce914d0a301ab1db7b939a231f5bee5596452f370a8d06fadbfc35a321fa54d41bd384ccdff1585bee6eb51a12867e0d5387579a6a89e8809528d
Score 3/10
-
Target
Dreksite-main/osdorp.php
-
Size
2KB
-
MD5
f8d6e51e34fb310a3aa3c2aa71e957f7
-
SHA1
8ea5edd779372d0d09ab69fd7a1ff66e3cca512b
-
SHA256
d25aaa46afcd35524fb2288f4ad48ee21b156bf8a119aeebd40239670c866b43
-
SHA512
5ce2b68726553db34dc41f2eda10dc2fcf30ab5d0142fac58deb33fbd7e61d6423ab0c6ff62d912ea2ca78a7e52c180eefbd3d3e5ffd23e34329915ae0cca2f7
Score 3/10