General
Target: app-0.89.2.zip
Size: 13.8MB
Sample: 241209-hp8qdsvqek
MD5: 31aadde146578aca7978753077095efa
SHA1: 91440dab7c232b4ee87912e24d4fb39276b374b0
SHA256: d865eb22b01c9efa2d3d48f2df807fbd89783cfc06e7377635415c97be1f021e
SHA512: 342170ff72c03e5b7820104c099a17608993a979afd5ee35c4f33c13d9c5b6d18e483ee8fed171925f7ef092cebd6dde141bfd25fe9b85fe408eee72c0122530
SSDEEP: 196608:j9ltbMUcjY1xMfOvb0wnbo7ebSDRoLyU9hglEdnid9zP4ua7R6G9yP/Z3VuB:1bMUuY1OEJnboDDROeF9zba99ynZEB

Static task: static1
Behavioral task: behavioral1 | Sample: app-0.89.2/app-0.89.2/libcurl.dll | Resource: win7-20240729-en
Behavioral task: behavioral2 | Sample: app-0.89.2/app-0.89.2/libcurl.dll | Resource: win10v2004-20241007-en
Behavioral task: behavioral3 | Sample: app-0.89.2/app-0.89.2/svrcderll.exe | Resource: win7-20240903-en
Behavioral task: behavioral4 | Sample: app-0.89.2/app-0.89.2/svrcderll.exe | Resource: win10v2004-20241007-en
Behavioral task: behavioral5 | Sample: app-0.89.2/app-0.89.2/zlibwapi.dll | Resource: win7-20240903-en
Behavioral task: behavioral6 | Sample: app-0.89.2/app-0.89.2/zlibwapi.dll | Resource: win10v2004-20241007-en
Behavioral task: behavioral7 | Sample: app-0.89.2/svrcderll.exe | Resource: win7-20240903-en
Behavioral task: behavioral8 | Sample: app-0.89.2/svrcderll.exe | Resource: win10v2004-20241007-en

Malware Config
Targets

Target: app-0.89.2/app-0.89.2/libcurl.dll
Size: 556KB
MD5: 6b2548cc404f3dd55634efa291fa98d0
SHA1: a076a60d99d70fd8aa7664a2534445a502febe27
SHA256: 7ae384b8695d7a9c2b6640927cb6ac592229aef9ebeeb80b91d556777c6dfb5d
SHA512: 14068e9e7d5f7e4494ffa75d369068234cdb050286d3356298e0387cf13d7681c0d68b57b6b299958c86ee3ae1dc3e54adc4c376e7b869d7d76fc2e91ed95009
SSDEEP: 12288:MoLVDsDp3Sx8rKASzlbMZO/IR+nyu20jlTov3+:35DEsxl6O/IRUT6
Score: 1/10

Target: app-0.89.2/app-0.89.2/svrcderll.exe
Size: 2.2MB
MD5: 6cf29dbf1fa710cccf6ba1c4c01f6b85
SHA1: a1debdb076c8c655e3d78c6ae82f1beba386a2ba
SHA256: f85ce4492e1354f8310027c5f70ef73aae654fcd8fd9a58034e4f82a41a9826b
SHA512: ebcc6599c33a80bb3e5c627a5f861fc9742d8558c4551544109288f80155885791a3f701af1aa7a4513cc5d121b77678a4cd46ca38a7bdd3cf7288e58e01f4f5
SSDEEP: 24576:GmKWcYmmUMlLklbOEyeeQaSpRnO9xGboTOLFI78hqT3tiBco21c6D5mHK+iwu7:Gm/mmUiLklb6e+YMDGaAhIt5o2WqmFXM
Score: 10/10
Suspicious use of NtCreateUserProcessOtherParentProcess
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
Deletes itself

Target: app-0.89.2/app-0.89.2/zlibwapi.dll
Size: 324KB
MD5: b75a201484fe177e6460c08a1f2be3ca
SHA1: 44eedc44deb82c77e82483dadd0575915b47a4b7
SHA256: fdd525739c5f4d55d3a65271c3389b34c79c236342ccedf31b34c539acea08d0
SHA512: f922f1c5fc876a2fcc1c14d8c1665d2172dbd5fbea53e964e0229f07da449fbea72c9509a532f37c48dd1faec2df4271561191bfb9aa62495104f5828c69b07f
SSDEEP: 6144:Jizgh97llCQHIJvLxR7ChPcFDuv2KXONh8pgMwuNFR/i:Ji8h9iQHKvjOhkFDuGHHMrNzi
Score: 1/10

Target: app-0.89.2/svrcderll.exe
Size: 586KB
MD5: f6f6ff4e9b359bc005a25fadb3a0aa61
SHA1: 831fe06ce2015e2d66467d04f2d46ec3e96524d3
SHA256: 6eb2a5f8ba7b7e2438a9608b7a2d5eefa1f8b66aaf7060c208678e47c3565324
SHA512: db29271f28a3bff4bd3f4073b522c662f70865cc1067e0de2c11ef284d8d88fe9ca165485da6fe52372bf3db33764f195853b883d8fdab1b502e960b0915da14
SSDEEP: 6144:xc2XFRJ3DNuzAOS9FOU6CNmKQEiispigdlDAlZVl49q7r+:7FvYzU9QU6CNmKsPtdsXl49qX+
Score: 10/10
Suspicious use of NtCreateUserProcessOtherParentProcess
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.