General
-
Target
acc22c4ef54a9ce00e6a7be0016a0522bbe3ad8719ec1b5362f0a8b3124df312
-
Size
676KB
-
Sample
241118-hyz5ls1fna
-
MD5
6db0e0efee103128e3c24b90fdf457c2
-
SHA1
b5757767d503faaceb2abe0d764301e5fe13cced
-
SHA256
acc22c4ef54a9ce00e6a7be0016a0522bbe3ad8719ec1b5362f0a8b3124df312
-
SHA512
88dc630d142ac2d17427a1cfbade3c20b9ffaf6a91424214f832d5909220787853af090c1bb7da8446252eef4ddaa93cae4830a291fce0a9209146704a1e4c64
-
SSDEEP
12288:5uBs5rkUPrDbFIlpScqx+at2p3woj8Bor0n2coMjvMZqoa4rRoj+wbX20cF2KbMB:5uBiYUPnbGFfj8BK0sMjUZqoaMuXbvca
Static task
static1
Behavioral task
behavioral1
Sample
New Order Data sheet Page.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
New Order Data sheet Page.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
Target
New Order Data sheet Page.exe
-
Size
1.1MB
-
MD5
47ee0bd61761d9430374149d29276602
-
SHA1
08f9bd85abee4f197ca34f50852c72df045e02c9
-
SHA256
da8ceb574f5be88505d4be66d55e9cd6a9fab4bee5d8ea00f7a9f6b2026ca1ed
-
SHA512
ae577bc2c0eaa79650fdb4846e13d4f3fed96517ec3e4b295db5a62199428f28fce8e7294abea09339c8bc693f55c6c38607d67205fbd619a241402e2f285b1d
-
SSDEEP
24576:Etb20pkaCqT5TBWgNQ7aW8JqogSufpvcFB1SdD+6A:tVg5tQ7aWaq0FXSd65
Score
6/10
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-