General

  • Target

    04122024_0042_potwierdzenie_przelewu_20241202.exe.iso

  • Size

    1.2MB

  • MD5

    ae138a3e1828356a86a7361a10d6be27

  • SHA1

    219ee94822ae31065280b41064c7c148fa3d9356

  • SHA256

    04adfe0455eeb389399b397bf618577c1e61414e1bf52bf1c6fe77649b2bf9ee

  • SHA512

    e798244ac0e9f1e05b1cf910433ae34e50aececbd3ff089d368481f962aebeb0b6db254acbf0581638f4a53b70e4b46a5f5c3cd80133aea314cd14fbce6d1cea

  • SSDEEP

    12288:gfYfUlNHYh6qFkbpBOO64kfPZxIgL3lweEbH+a:gfYMPYc/FHkfhxIgZQH9

Score
3/10

Malware Config

Signatures

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 04122024_0042_potwierdzenie_przelewu_20241202.exe.iso
    .iso

    Password: infected

  • out.iso
    .iso

    Password: infected

  • potwierdzenie_przelewu_20241202.exe
    .exe windows:4 windows x86 arch:x86

    Password: infected

    f4639a0b3116c2cfc71144b88a929cfd



  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    Password: infected

    509a34b3a68a773e0afb4259e68f9f82



  • Assureringer69.udv
  • Domspraksisene.fur
  • Nesokia.Hyp
  • serow.kar