General
Target: WFDSetup_1.5.6.58.exe
Size: 3.5MB
Sample: 241119-ydh9cssakm
MD5: e5e1087e206ca63fe54c408fe38cfcf8
SHA1: 96b5efa6f96e38e889b7c7474c62d7fe72c7f946
SHA256: 9052dfd0e29f50f064ad6f8e5a4e78f324659f932af5d13c97e0f127e3516e16
SHA512: 9f53f34a0bf6fe512331aaa09bade3ae4ddbd9dfdd608627801e094965dc01f5bd6c0b475bce452cf559b8411535cff9f37423e29f9da5acf6198bfeca039efd
SSDEEP: 98304:nptvTfuSOlyaaErMd18veer1ZiYWy32gmcwb+oX:pASOo9duN1Zia32gmh
Static task: static1
Behavioral task: behavioral1
Sample: WFDSetup_1.5.6.58.exe
Resource: win7-20240903-en
Malware Config
Targets
Target: WFDSetup_1.5.6.58.exe
A potential corporate email address has been identified in the URL: [email protected]
Executes dropped EXE
Loads dropped DLL