General

  • Target

    ebea026943b6e923a147fff8cc82f1b03b0ead796272c5d4de268563be321b87N.exe

  • Size

    138KB

  • MD5

    03761d8dac7329f4615f845c2af68020

  • SHA1

    0f7609cec5364fedca06126ca22c2d08d8a7a781

  • SHA256

    ebea026943b6e923a147fff8cc82f1b03b0ead796272c5d4de268563be321b87

  • SHA512

    e491988e9f6e327a3d2cfaee8b7af5246f0bacebd1f07834c796cb2bf0514fb12af6d9415016f12ddd1f36c2ced74d9ab0b31d76f5680951dfccc7a059a380ec

  • SSDEEP

    3072:pGyxO6HAjmjaa8OP7BJhi5fkuJ3hevv9CMqK:FOeAija07FhRvvr

Score
10/10

Malware Config

Extracted

Family

phemedrone

C2

https://api.telegram.org/bot8096061409:AAHjfIm6J1pNB64BDGreFzTd6Z4HVJYTZUo/sendDocument

Signatures

  • Phemedrone family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • ebea026943b6e923a147fff8cc82f1b03b0ead796272c5d4de268563be321b87N.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

