General
-
Target
idggh934sp.dll
-
Size
1.2MB
-
Sample
241122-r3ya9asnes
-
MD5
2bf6280ce1a1ec314e08b988ed8c8050
-
SHA1
1be1785a3e4a1aeda89bc2a5b26df7edc7fe1430
-
SHA256
9b8ffdc8ba2b2caa485cca56a82b2dcbd251f65fb30bc88f0ac3da6704e4d3c6
-
SHA512
340b5192b117efcbb18c38ef8de6982da2e5d1b1cec5d080b5a98853c39aa05a03da20d0824aeda9cbdb74762fe12139536a5f2ee87a37cbbe9b93fa6ec17d4e
-
SSDEEP
24576:tvr+qtKbfCGLovhM2he3og6p6tOs1CTvmO4Kr5x+1kxjq0cnccy:M5CPjKjLCTvm0oqxdv
Static task
static1
Behavioral task
behavioral1
Sample
idggh934sp.dll
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
idggh934sp.dll
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
idggh934sp.dll
-
Size
1.2MB
-
Score
10/10
-
Detects PikaBot botnet
-
Pikabot family
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-