Overview

overview

1

Static

static

1

REQ# 826896.zip

windows7-x64

1

REQ# 826896.zip

windows10-2004-x64

1

Resubmissions

21/11/2024, 10:22

241121-mej2hawjek 5

21/11/2024, 10:19

241121-mcqfhawjcj 1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    REQ# 826896.zip

  • Size

    90KB

  • MD5

    cf596b7aa12343e6cbada552f01ae7ce

  • SHA1

    d04ef508943d7ba8a619bace242360da065f462d

  • SHA256

    ec0ad1f8f2e44caf62b64352630eb4bff5439bf05ad06c8f745bcde91c5a21a9

  • SHA512

    71159ba126e3f295719255318479b3412595d42fa24c6d36ff467fad0f90938b7ffbdab3aa29c29746b63df2aac3d0c7682560fce89e0a08d16098fcbe3c6914

  • SSDEEP

    1536:wiqoU2+Lig3Atp9MKat6ooroIfbkd4zSOXHfG17vO82tA43e4mb3mZ6O2:wiqm+LEtp/at6ooUIfbr1XHATO8SAWe7

Score
1/10

Malware Config

Signatures

Files

  • REQ# 826896.zip
    .zip

    Password: virus

  • message__193120241102236488AE6E64_D41A9B20C5_the_urban_institute_de_.eml
    .eml

    Password: virus

    • https://urldefense.com/v3/__

    • https://www.google.ie/url?q=querykh2l(spellCorrectionEnabled*3Atrue*2CrecentSearchParam*3A(id*3A3891228890*2CdoLogHistory*3Atrue)*2Cfilters*3AList((type*3AREGION*2Cvalues*3AList((id*3A103644278*2Ctext*3AUnited*2520States*2CselectionType*3AINCLUDED))))*2Ckeywords*3Aremote)&sessionId=5NTcRf4wT3OOZdAOuNu6*2FQ*3D*3Dquery(spellCorrectionEnabled*3Atrue*2CrecentSearchParam*3A(id*3A3891228890*2CdoLogHistory*3Atrue)*2Cfilters*3AList((type*3AREGION*2Cvalues*3AList((id*3A103644278*2Ctext*3AUnited*2520States*2CselectionType*3AINCLUDED))))*2Ckeywords*3Aremote)&sessionId=5NTcRf4wT3OOZdAOuNu6*2FQ*3D*3Dquery(spellCorrectionEnabled*3Atrue*2CrecentSearchParam*3A(id*3A3891228890*2CdoLogHistory*3Atrue)*2Cfilters*3AList((type*3AREGION*2Cvalues*3AList((id*3A103644278*2Ctext*3AUnited*2520States*2CselectionType*3AINCLUDED))))*2Ckeywords*3Aremote)&sessionId=5NTcRf4wT3OOZdAOuNu6*2FQ*3D*3Dquery(spellCorrectionEnabled*3Atrue*2CrecentSearchParam*3A(id*3A3891228890*2CdoLogHistory*3Atrue)*2Cfilters*3AList((type*3AREGION*2Cvalues*3AList((id*3A103644278*2Ctext*3AUnited*2520States*2CselectionType*3AINCLUDED))))*2Ckeywords*3Aremote)&sessionId=5NTcRf4wT3OOZdAOuNu6*2FQ*3D*3D&sa=t&url=amp*2fjoaopaulosarli.com.br*2fyoya*2frh5liwqpm35dcxqoi3ulz21tcvvbkeyqbj3a4*cmZlYXJvbkBsZWVkc2J1aWxkaW5nc29jaWV0eS5jby51aw==$*__;JSUlJSUlJSUlJSUlJSUlJSUlJSUlJSUlJSUlJSUlJSUlJSUlJSUlJSUlJSUlJSUlJSUlJSUlJSUlJSUlJSUlJSUlJSUlJSUlJSUlJSUlJSUlJSUlJSUlJSUlJS8_!!AKHUiGiCwWFVZCM!QwCi8ZToQHU1TldOzKI1bxFvQCYtxoI8ipLFIk_yoq7ieCV-HgToDCjdT0vYL8KOpUaskqW-dM1ez1HghYnseuNB9bb6IDAfi6yJV1HWYVmThQ6A$

    • https://www.google.ie/url?q=queryuu5w(spellCorrectionEnabled*3Atrue*2CrecentSearchParam*3A(id*3A3891228890*2CdoLogHistory*3Atrue)*2Cfilters*3AList((type*3AREGION*2Cvalues*3AList((id*3A103644278*2Ctext*3AUnited*2520States*2CselectionType*3AINCLUDED))))*2Ckeywords*3Aremote)&sessionId=5NTcRf4wT3OOZdAOuNu6*2FQ*3D*3Dquery(spellCorrectionEnabled*3Atrue*2CrecentSearchParam*3A(id*3A3891228890*2CdoLogHistory*3Atrue)*2Cfilters*3AList((type*3AREGION*2Cvalues*3AList((id*3A103644278*2Ctext*3AUnited*2520States*2CselectionType*3AINCLUDED))))*2Ckeywords*3Aremote)&sessionId=5NTcRf4wT3OOZdAOuNu6*2FQ*3D*3Dquery(spellCorrectionEnabled*3Atrue*2CrecentSearchParam*3A(id*3A3891228890*2CdoLogHistory*3Atrue)*2Cfilters*3AList((type*3AREGION*2Cvalues*3AList((id*3A103644278*2Ctext*3AUnited*2520States*2CselectionType*3AINCLUDED))))*2Ckeywords*3Aremote)&sessionId=5NTcRf4wT3OOZdAOuNu6*2FQ*3D*3Dquery(spellCorrectionEnabled*3Atrue*2CrecentSearchParam*3A(id*3A3891228890*2CdoLogHistory*3Atrue)*2Cfilters*3AList((type*3AREGION*2Cvalues*3AList((id*3A103644278*2Ctext*3AUnited*2520States*2CselectionType*3AINCLUDED))))*2Ckeywords*3Aremote)&sessionId=5NTcRf4wT3OOZdAOuNu6*2FQ*3D*3D&sa=t&url=amp*2fjoaopaulosarli.com.br*2fyoya*2fhdpzoebayndbovlytqfgoywx6syirj43yycwa*cmZlYXJvbkBsZWVkc2J1aWxkaW5nc29jaWV0eS5jby51aw==$*

  • bababa.png
    .png

    Password: virus

  • email-html-2.txt
  • email-plain-1.txt