General

  • Target: 65b252796829ffd5d651dbefa426fc25181c706def40805991e3f136ffbe3da3
  • Size: 137KB
  • MD5: e4e356b3b629a68c3381c9943c9d2063
  • SHA1: 5ab614c8286d9e669523ce75513d52ad846a61c7
  • SHA256: 65b252796829ffd5d651dbefa426fc25181c706def40805991e3f136ffbe3da3
  • SHA512: 20a90773fffa1d1af89675dce6148c825593fab605af5bbeb8b01b0e0e7c3da292b9fee1d63900180b094da2e0e0d4e93b148bd4c6028a78a456945f54ad78f1
  • SSDEEP: 1536:xLxJ85iBe3IFUlZLNeC5bA12BfkOnfjjQuWu0Crz95obLAzW7B+wf+mYGiAW5Kk5:x1J85iBe8a+CJA12h5fI2/95UL3OOAf

Score: 10/10

Malware Config

Extracted

  • Family: phemedrone
  • C2: https://api.telegram.org/bot5942488573:AAF1vG_VjN_6u_kG-5DCN2A38cJEKwUh3Oo/sendDocument

Signatures

  • Phemedrone family
  • Unsigned PE (1 IoC): checks for missing Authenticode signature.

Files

  • 65b252796829ffd5d651dbefa426fc25181c706def40805991e3f136ffbe3da3
    Type: .exe windows:4 windows x86 arch:x86
    MD5: f34d5f2d4577ed6d9ceec516c1f5a744