6dba900ba4e73e88cf3d3a062f71735f30e615436d01aa96d18545e97d31a5a4

Sharing

Copy URL

Twitter E-mail

General

Target

Nezur_Executor.zip
Size

22.5MB
Sample

241221-w4zypawkdy
MD5

4d37f25041bdde67a14e56c81df22d2d
SHA1

889cdd97c8e162e7b252f9a697c6458076b49483
SHA256

6dba900ba4e73e88cf3d3a062f71735f30e615436d01aa96d18545e97d31a5a4
SHA512

e8b8d2954158f0f263a46dfb018fd1cf13d9f6c3ef9de2add1dd2cd23be8b42dd50fff15fd89230c81df7a73ad8e16aeca8014db302f22505b3187b866d0ce05
SSDEEP

393216:CUvQPnPTpXYGgYlaUucsYWCa+uiGgphlV+ybX9ltoIY1VzH7X9wmRJ4rSm9Hhy/m:HvQvdXnO1sFXPKPqja/fltD3IFj

Score

7^/10

Malware Config

Targets

- Target
  
  Nezur_Executor.zip
- Size
  
  22.5MB
- MD5
  
  4d37f25041bdde67a14e56c81df22d2d
- SHA1
  
  889cdd97c8e162e7b252f9a697c6458076b49483
- SHA256
  
  6dba900ba4e73e88cf3d3a062f71735f30e615436d01aa96d18545e97d31a5a4
- SHA512
  
  e8b8d2954158f0f263a46dfb018fd1cf13d9f6c3ef9de2add1dd2cd23be8b42dd50fff15fd89230c81df7a73ad8e16aeca8014db302f22505b3187b866d0ce05
- SSDEEP
  
  393216:CUvQPnPTpXYGgYlaUucsYWCa+uiGgphlV+ybX9ltoIY1VzH7X9wmRJ4rSm9Hhy/m:HvQvdXnO1sFXPKPqja/fltD3IFj
Score

7^/10

discovery phishing
- A potential corporate email address has been identified in the URL: [email protected]
  phishing
- Executes dropped EXE
behavioral1
- Target
  
  Microsoft.Web.WebView2.Core.xml
- Size
  
  611KB
- MD5
  
  6c5c5290bdd2d4072d64a3f8aac6d02e
- SHA1
  
  a610567951bf885e11ee5dabfd87dd1d37e4f50d
- SHA256
  
  1cf4f0c0994cdb65fac609dd19755541ae109d917695dfca9c4acae08ebb850e
- SHA512
  
  a77ad02fe706227712c231e7ccae084f8d74bfa490c8879117109746c3cb3bf77feb818e0de03880e03b46d22ad1b8cadd9f14fe2e69b34bc2770632a2311a48
- SSDEEP
  
  12288:rV/cM0fctDZuwKxzdpeqKgan2xqfcan2NPPVeLoBWkO4am+7RufDufBSCspK2sSl:4pBYvfVO
Score

1^/10
behavioral2
- Target
  
  Microsoft.Web.WebView2.WinForms.xml
- Size
  
  40KB
- MD5
  
  c09409aac254f17c1c648e6f0464b035
- SHA1
  
  22acb08e12e6ccbc4005c393e78d78be4f64b28e
- SHA256
  
  4b40e49aec5dbda597224f997d57a16645ddc2eb00f31a6329204d1853a2245a
- SHA512
  
  53c46df0f24cafcd81ddedd195bae8dbedef7dd1387691a3ebf856b4dd239c3859fb58a1eaa9a31baa1fbb6e1986270ce567f3e70d110d1d88817f27c8a0dd5a
- SSDEEP
  
  768:3OsdyK4aSPgPxW3uyCG4yCGdryCG/L+GZiyCGRL+P1xb9zU4QPgcRJFXCfPgKehG:3OsdyTaSPg5W3uyf4yfdryf/LzZiyfRI
Score

1^/10
behavioral3
- Target
  
  Microsoft.Web.WebView2.Wpf.xml
- Size
  
  139KB
- MD5
  
  97ea2301be18aefade073d39302154d0
- SHA1
  
  30f83ae731adcc4e79598c2c21644cf02b909928
- SHA256
  
  e088d2b21902cb8479f782f327925f9e3281b7ee8406966735dd932e5a58e3a9
- SHA512
  
  92a6ce81f5b3f4c7779bb9589d7b6548bbfde0e2ad59d1f31d190c9c75ef95e1dc31a9c763eb11fa62803d997b6af79f4f6e56dd31e3bdff8d0ba4f84c570e5e
- SSDEEP
  
  3072:xOsSyTa4PgfmLC4uyD/D4yDC4dryDJtLryDnLfryDYO/LPm8RLP9R3Ly1vb9QUX7:xOsSyTa4PgfmLC4uyD/D4yDC4dryDJtY
Score

1^/10
behavioral4
- Target
  
  Nezur_Interface.deps.json
- Size
  
  3KB
- MD5
  
  34c45d78bdd90b1b2bd1d05d715c2849
- SHA1
  
  d84c1a72c1308ded0885659cc99a4d62a868d3af
- SHA256
  
  ee0cf1308dd91eba2003d31e886b88258f9f9943f9a778ae81b358dd9fded546
- SHA512
  
  f6bd271a8e7d240cdb6b4d1e118e81257b0a656285db66ea2c065c86a0c2615559dc753c1bf21e8423f2664d7d960aef4d19771456187e4688c922d654b67a5b
Score

3^/10
behavioral5
- Target
  
  Nezur_Interface.exe.WebView2/EBWebView/AutoLaunchProtocolsComponent/1.0.0.8/manifest.fingerprint
- Size
  
  66B
- MD5
  
  0c9218609241dbaa26eba66d5aaf08ab
- SHA1
  
  31f1437c07241e5f075268212c11a566ceb514ec
- SHA256
  
  52493422ac4c18918dc91ef5c4d0e50c130ea3aa99915fa542b890a79ea94f2b
- SHA512
  
  5d25a1fb8d9e902647673975f13d7ca11e1f00f3c19449973d6b466d333198768e777b8cae5becef5c66c9a0c0ef320a65116b5070c66e3b9844461bb0ffa47f
Score

3^/10
behavioral6
- Target
  
  Nezur_Interface.exe.WebView2/EBWebView/AutoLaunchProtocolsComponent/1.0.0.8/manifest.json
- Size
  
  134B
- MD5
  
  58d3ca1189df439d0538a75912496bcf
- SHA1
  
  99af5b6a006a6929cc08744d1b54e3623fec2f36
- SHA256
  
  a946db31a6a985bdb64ea9f403294b479571ca3c22215742bdc26ea1cf123437
- SHA512
  
  afd7f140e89472d4827156ec1c48da488b0d06daaa737351c7bec6bc12edfc4443460c4ac169287350934ca66fb2f883347ed8084c62caf9f883a736243194a2
Score

3^/10
behavioral7
- Target
  
  Nezur_Interface.exe.WebView2/EBWebView/AutoLaunchProtocolsComponent/1.0.0.8/protocols.json
- Size
  
  3KB
- MD5
  
  6bbb18bb210b0af189f5d76a65f7ad80
- SHA1
  
  87b804075e78af64293611a637504273fadfe718
- SHA256
  
  01594d510a1bbc016897ec89402553eca423dfdc8b82bafbc5653bf0c976f57c
- SHA512
  
  4788edcfa3911c3bb2be8fc447166c330e8ac389f74e8c44e13238ead2fa45c8538aee325bd0d1cc40d91ad47dea1aa94a92148a62983144fdecff2130ee120d
Score

3^/10
behavioral8
- Target
  
  Nezur_Interface.exe.WebView2/EBWebView/BrowserMetrics-spare.pma
- Size
  
  1.2MB
- MD5
  
  1045bfd216ae1ae480dd0ef626f5ff39
- SHA1
  
  377e869bc123602e9b568816b76be600ed03dbd0
- SHA256
  
  439292e489a0a35e4a3a0fe304ea1a680337243fa53b135aa9310881e1d7e078
- SHA512
  
  f9f8fcc23fc084af69d7c9abb0ef72c4684ac8ddf7fa6b2028e2f19fd67435f28534c0cf5b17453dfe352437c777d6f71cfe1d6ad3542ad9d636263400908fd2
- SSDEEP
  
  3::
Score

3^/10
behavioral9
- Target
  
  Nezur_Interface.exe.WebView2/EBWebView/BrowserMetrics/BrowserMetrics-6758B082-4D3C.pma
- Size
  
  1.2MB
- MD5
  
  542ace663b50480a6557c6c614305c04
- SHA1
  
  07bd6451e514ebd17b85974b99a460408d8da780
- SHA256
  
  e70847dc942ae21ce51b8d8b9e4273f6b467d3e57250ecfd26def3eb029cb59e
- SHA512
  
  68942eb72a7f5e10d0360bacb7d4a6ee0c89e9a2f6a57942496c833dcccd80c6267434282b60343a60477ae7873d88255aaa7a3f23b2bf3103260c400bd8d4e7
- SSDEEP
  
  3072:3kvjG1KzbibYg1HFZU0CvOT1CTbGiumFHZBD3XQ8:3kvi1K/ibYaH7U7vOT1CTbGQBD3XQ8
Score

3^/10
behavioral10
- Target
  
  Nezur_Interface.exe.WebView2/EBWebView/CertificateRevocation/6498.2024.12.2/crl-set
- Size
  
  21KB
- MD5
  
  846feb52bd6829102a780ec0da74ab04
- SHA1
  
  dd98409b49f0cd1f9d0028962d7276860579fb54
- SHA256
  
  124b7eeba31f0e3d9b842a62f3441204beb13fade81da38b854aecba0e03a5b4
- SHA512
  
  c8759e675506ccc6aa9807798252c7e7c48a0ab31674609738617dc105cee38bce69d4d41d6b95e16731466880b386d35483cbeea6275773f7041ba6e305fae9
- SSDEEP
  
  384:qt71+UBzeWhU6yVS2Ddc0fp/9yYoIJgWUeJuDzeG0LOsr2h9ltQYX9hVPz/HG1pA:a4GBwVPDdFhVyYoPWUiuXeG0K5dQYXFr
Score

1^/10
behavioral11
- Target
  
  Nezur_Interface.exe.WebView2/EBWebView/CertificateRevocation/6498.2024.12.2/manifest.fingerprint
- Size
  
  66B
- MD5
  
  dee9d3bdd016c697d11e370a995e7332
- SHA1
  
  ef13d667efd507e160de165f4f1fe918fc728ca2
- SHA256
  
  a84789942c4436967dba5d0ce45a3f6767bcfebf67b951fbef75cca32e9acd96
- SHA512
  
  1c798ed77fcaccc5ec237cb6618e6425fb7dbbe5f22b2a969b915987fda4be8ecadc265871832f0b7f9b5656433c27f8495eceb16598294fab80e709b2cb3d68
Score

3^/10
behavioral12
- Target
  
  Nezur_Interface.exe.WebView2/EBWebView/CertificateRevocation/6498.2024.12.2/manifest.json
- Size
  
  114B
- MD5
  
  e6cd92ad3b3ab9cb3d325f3c4b7559aa
- SHA1
  
  0704d57b52cf55674524a5278ed4f7ba1e19ca0c
- SHA256
  
  63dfb8d99ce83b3ca282eb697dc76b17b4a48e4065fc7efafb77724739074a9d
- SHA512
  
  172d5dc107757bb591b9a8ed7f2b48f22b5184d6537572d375801113e294febfbe39077c408e3a04c44e6072427cbe443c6614d205a5a4aa290101722e18f5e8
Score

3^/10
behavioral13
- Target
  
  Nezur_Interface.exe.WebView2/EBWebView/Crashpad/settings.dat
- Size
  
  280B
- MD5
  
  1d067422203aa571d41510689a583844
- SHA1
  
  4c9b41c316a6181dbfab735f02514036287de223
- SHA256
  
  800d6b853b242b40d4b1ab7948cbc3389d6695f1ee32c9b90c702e04e328fecb
- SHA512
  
  43216ab64994b23579fd50c37f9d798cf4a15ade28eabbdb9abc5457d288cc909c14277fdcbbd7124527172cfb57f36f0e0492bb1ae6f355c24e4087a02b6d27
Score

3^/10
behavioral14
- Target
  
  Nezur_Interface.exe.WebView2/EBWebView/Crashpad/throttle_store.dat
- Size
  
  20B
- MD5
  
  9e4e94633b73f4a7680240a0ffd6cd2c
- SHA1
  
  e68e02453ce22736169a56fdb59043d33668368f
- SHA256
  
  41c91a9c93d76295746a149dce7ebb3b9ee2cb551d84365fff108e59a61cc304
- SHA512
  
  193011a756b2368956c71a9a3ae8bc9537d99f52218f124b2e64545eeb5227861d372639052b74d0dd956cb33ca72a9107e069f1ef332b9645044849d14af337
Score

3^/10
behavioral15
- Target
  
  Nezur_Interface.exe.WebView2/EBWebView/Default/Cache/Cache_Data/data_0
- Size
  
  44KB
- MD5
  
  252e5d3a9cd89e918aae00247c06f7a9
- SHA1
  
  b87ec899b54e99aa59e988f24f353b40fc08cc2d
- SHA256
  
  2389fe57daee0e0e2b196800477087348a1e8027eb2b7e9b7db39595bfd2db4e
- SHA512
  
  2f0a7e3ca2b198e056fbfbd644650bbcdc5ec3597c3da0ef40a8f96c162e5afe36163326942fb0a95541efcb30853d05753c3191e47b91e058f8297f7374213c
- SSDEEP
  
  6:/FoEXEmHX1ikNUAkX1+V+Jdq0outRcLSleNiwP3UerpXn6lQb:d7XVHX1HNUzX1s+s0ouzySFaUkp36Kb
Score

1^/10
behavioral16
- Target
  
  Nezur_Interface.exe.WebView2/EBWebView/Default/Cache/Cache_Data/data_1
- Size
  
  264KB
- MD5
  
  a5dc3dfdd82f08f44d73eedfb2766273
- SHA1
  
  6a12c130e9ff0c3d25d403f008b7754cfb990fff
- SHA256
  
  8ca603fd3d404a3e8d8442b923d7ad7017c5194d227b7388a015810d3f47b534
- SHA512
  
  13e5073718fbacac3f9ef3dbcccdb3f22f0d4071294be92cf5f9c048c9f3404cfd34f408498593b2eac24da1beed268fb349b8d1d054d199f6f7ae7644fa969a
- SSDEEP
  
  24:0DRIIsl3l3fwNpYIl3l3Md9eSjaXGV3GBQjU5CykVaejq5m6egGl3l3WrLEc62le:gIIKy+3zbV3Gmo5CfVaeOfrP2u
Score

1^/10
behavioral17
- Target
  
  Nezur_Interface.exe.WebView2/EBWebView/Default/Cache/Cache_Data/data_2
- Size
  
  1.0MB
- MD5
  
  df7b87b42fe92bd12d473171a4892ef4
- SHA1
  
  b023cd1644eeeca79963961a0ecfae6d1ed498bc
- SHA256
  
  da5528972eed1935b45729a653936cdb7b07d94656294ac23561c019d8bdf173
- SHA512
  
  4bdb9bab606f7e748ee71aaf6b228ad9606f02560a923dc6c2cea40bda38ad9963badea4b774126e76abc7b22eeeb8f1ee2dc07ffd02c68a9edf8450dfeaafc0
- SSDEEP
  
  48:nwKD4PbU3T2iyQPxmzgN6UhuCSwqknGXQdeEPt:wKDx3SiyUmzgNOwLGXQdeEF
Score

1^/10
behavioral18
- Target
  
  Nezur_Interface.exe.WebView2/EBWebView/Default/Cache/Cache_Data/data_3
- Size
  
  4.0MB
- MD5
  
  e37861c0f1fda957981a1835e0b59c92
- SHA1
  
  9d5f6427a7f7da84dfa1e217bdf42428601240f4
- SHA256
  
  2224463f64bf9b99d811305705b4986cf653ccafcf8be51c6caeda0219e16f11
- SHA512
  
  f6d16c129a5754fb8511f08508eb2395108c04b4351befd303644d3ab87fca62e94e7d7eb96558b0393bce4b69b8933ba3506d532b331ec8da55fc057a8977da
- SSDEEP
  
  1536:26fXnkfXRyZk5fXt3fXlJfXQn3Lfq5XfXwBfX:vfXkfXvfXtfXXfXQ3bq9fXqfX
Score

1^/10
behavioral19
- Target
  
  Nezur_Interface.exe.WebView2/EBWebView/Subresource Filter/Unindexed Rules/10.34.0.57/adblock_snippet.js
- Size
  
  2KB
- MD5
  
  f5c93c471485f4b9ab45260518c30267
- SHA1
  
  ee6e09fb23b6f3f402e409a2272521fdd7ad89ed
- SHA256
  
  9aa899e0bf660ee8f894b97c28f05db06cc486915953b7f3b2ff9902fa8da690
- SHA512
  
  e50a1baf20db9bc867e85ab72f9976430e87d8516ca552f9342a5c91822c9e1404e4f915042d48d841cca3fb16fd969bf0aa01195791ce29de63c45814fcdcda
Score

3^/10

execution
behavioral20
- Target
  
  Nezur_Interface.exe.WebView2/EBWebView/Subresource Filter/Unindexed Rules/10.34.0.57/manifest.fingerprint
- Size
  
  66B
- MD5
  
  2596b3b177322eaeeab4c735348b2385
- SHA1
  
  b563fe1496d5d2b336f310288604d5c1314c7bbd
- SHA256
  
  b406602a37dfb0408ade2a6d84071a70d3b040c15902da60dafbfa818370669f
- SHA512
  
  258ced5170edb34b83cc97a04ced98299c5cfad838989ce7dcb32bf8e93e5d1ae8b15eed71346a323075f4077743a6db22cb26ea00a40720134a60ab4013e955
Score

3^/10
behavioral21
- Target
  
  Nezur_Interface.exe.WebView2/EBWebView/Subresource Filter/Unindexed Rules/10.34.0.57/manifest.json
- Size
  
  116B
- MD5
  
  2188c7ec4e86e29013803d6b85b0d5bb
- SHA1
  
  5a9b4a91c63e0013f661dfc472edb01385d0e3ce
- SHA256
  
  ac47cc331bb96271da2140941926a8accc6cb7599a6f3c17bd31c78f46709a62
- SHA512
  
  37c21eaff24a54c2c7571e480ff4f349267e4404111508f241f54a41542ce06bcde4c830c6e195fc48d1bf831ed1fe78da361d1e43416cfd6c02afa8188af656
Score

3^/10
behavioral22
- Target
  
  Nezur_Interface.exe.WebView2/EBWebView/Variations
- Size
  
  85B
- MD5
  
  bc6142469cd7dadf107be9ad87ea4753
- SHA1
  
  72a9aa05003fab742b0e4dc4c5d9eda6b9f7565c
- SHA256
  
  b26da4f8c7e283aa74386da0229d66af14a37986b8ca828e054fc932f68dd557
- SHA512
  
  47d1a67a16f5dc6d50556c5296e65918f0a2fcad0e8cee5795b100fe8cd89eaf5e1fd67691e8a57af3677883a5d8f104723b1901d11845b286474c8ac56f6182
Score

1^/10
behavioral23
- Target
  
  Nezur_Interface.exe.WebView2/EBWebView/component_crx_cache/eeobbhfgfagbclfofmgbdfoicabjdbkn_1.8BFD50D350D47445B57BB1D61BBDE41CEDA7AC43DC81FCE95BF1AC646D97D2A0
- Size
  
  1KB
- MD5
  
  e15208ff647aea1698bfa7da5287df5e
- SHA1
  
  bc5d6e7d0d71ae1bcac13320ee237ce0adc493f3
- SHA256
  
  8bfd50d350d47445b57bb1d61bbde41ceda7ac43dc81fce95bf1ac646d97d2a0
- SHA512
  
  07e2435f9e609d92daf97b5c6b75a79c9f8c229facd24999a45d954ad2eda130f7b7deeab6403f8518c5bfe2791b9796952c7ee58023488c90165cb1b0d5f47b
Score

1^/10
behavioral24
- Target
  
  Nezur_Interface.exe.WebView2/EBWebView/component_crx_cache/ndikpojcjlepofdkaaldkinkjbeeebkl_1.69D0D51AD8D1AABAAE811B5BC6F72729BEEBE8AB40C8E6080C8255453F913377
- Size
  
  1.6MB
- MD5
  
  4e1b8110c0051df94a611086b3afce68
- SHA1
  
  76d1fda433efdfde03006189e9727c270e4a6936
- SHA256
  
  69d0d51ad8d1aabaae811b5bc6f72729beebe8ab40c8e6080c8255453f913377
- SHA512
  
  67112ab375f836e12af54062540d60737683e331d07fecb2f4e830ee005ac093169dccd1bf12f60e5ad5c52cca869950ae5f0ba5b01c007c47599329e0bd6842
- SSDEEP
  
  49152:iGB5EH8IGiLHJo65GLK3LJYI+Sk6hHePu3:t5s8bko6IW3LJYI+R6cPY
Score

1^/10
behavioral25
- Target
  
  Nezur_Interface.exe.WebView2/EBWebView/component_crx_cache/oankkpibpaokgecfckkdkgaoafllipag_1.1AB07E887ACCA305058EEAB9053C96DC531C2C5C067AB4F30AFA2B31F1EDD966
- Size
  
  22KB
- MD5
  
  025fe5bcab10e941f276145d9d00ec80
- SHA1
  
  ac4c2c93fe10274716ec5603452269a8b5b31f71
- SHA256
  
  1ab07e887acca305058eeab9053c96dc531c2c5c067ab4f30afa2b31f1edd966
- SHA512
  
  3785cfae9f9ad3ecbc40bfbf822cc371965723610af8c6965b8b0a1e3b4728e744a51678178b414329d4b46afa5d3557b44a8723a1d89b7499b09e8f28c8c535
- SSDEEP
  
  384:puLGn1KIHXgrjzeReRlhv5bzX1sf8ANFlBZlVgQUP49fmA4tVyk4exlfiMRoLndl:puLqgrr/hv514lZmJUei/nb
Score

1^/10
behavioral26
- Target
  
  Nezur_Interface.runtimeconfig.json
- Size
  
  458B
- MD5
  
  07b9a30265ca4e69c7016a1b6e3ffc27
- SHA1
  
  3a4af82a2695b1423aedd8b60a5c86793c011b02
- SHA256
  
  c71152bf25e40d647b2440c5b39be157a3d356106be9d5b678ab97bb87b4e782
- SHA512
  
  efd582f8edcdba5ef48d02eee5f73d83ff35071af99b49e08e0213928568d728d0856e3b903bfcccb9237f786846cf94da83139f99e9bee86287aff2071c3f1c
Score

3^/10
behavioral27
- Target
  
  autoexec/int.lua
- Size
  
  256B
- MD5
  
  8999efc8595909588aff1b4db33adf6c
- SHA1
  
  9d4e2a69f45491c7dae7118cbd546c34b89d361e
- SHA256
  
  65136d575ba4f5400ac739ccbc3245fef883f88a885b580283c2a77814bda46c
- SHA512
  
  7eafb7c179255ade09ed0284fbaa45bbdd3ec4aa0bfc043d73a97e4c8f6d80771a392aa1868dfb895b791f2c76ad1689c0e45e2012334dc362102d1144c62f8f
Score

3^/10
behavioral28
- Target
  
  runtimes/win-arm64/native/WebView2Loader.dll
- Size
  
  136KB
- MD5
  
  232e9d314b9bb9e677b1d79c7dc54e44
- SHA1
  
  5ad36b7a527acd76e7f5414459ba61ea319bd120
- SHA256
  
  dbd30934e8fb2706722a2b874719d62cbed47b1e473e3f684a66648e91f93def
- SHA512
  
  504230199dea2c72c47374240a6ef66fc648208bb5f01520d057dbdf13fb04f3508e1edfc2f2db3d6b8f7321d0d150d9192b7a20a4465b702b10126e1a2861be
- SSDEEP
  
  3072:rwe4zkOpEbtYRLMPM6OSRTA0gWEtJW9VDX4B2TX:UeEkOebMqgWEtJiVDX5b
Score

1^/10
behavioral29
- Target
  
  runtimes/win-x64/native/WebView2Loader.dll
- Size
  
  161KB
- MD5
  
  3fac859547077abafe806ff1e4709f47
- SHA1
  
  0366df220c5d224ee64a42c929574407d2e6d2c9
- SHA256
  
  f4d811cda483adb33220c5a856c5ec8dca3a095fde54b44f08e1279a6a5efd33
- SHA512
  
  9b7b7aabf6bdc11dfd74430336e02d7d2b96b6bbf352f1e2d158a4900bead364900820af56cf9af25366ff5704e2ffcc2458d45dc3efe00ebd0843d127ab7435
- SSDEEP
  
  3072:JX1/Z3TlTRTFOYfThTNTvDbS2bT4wdovPEKdIMsb1Z5AalipT3YEtJ5+PON2Yo:JDTlTRTFOYfThTNTvDhvZkPEKdI7pxEG
Score

1^/10
behavioral30
- Target
  
  runtimes/win-x86/native/WebView2Loader.dll
- Size
  
  113KB
- MD5
  
  999f67ef1a2d06beeaf85ec9b5d5d73d
- SHA1
  
  644b1768f8675b29fb53a51edb5d344fdf55946c
- SHA256
  
  4c24ade2c2a4cf652529fdf4259743fec824c628bdc056fc5c76c29e30e7c06c
- SHA512
  
  6399fda1c54bd26ce82b7d48ac1b7c9741d5abf68a67bd62ec53ea2a1f82caac2e9bfdb1cb22f5af3c8ca6f4789a888f6519e02941f6c33f6f9d3b0e58eb56f4
- SSDEEP
  
  3072:OnbFYqJx7sXRq2KVs9iiamgqeNZPTj7EtJlAlHJcgf4fm9pS:OZYqJx4gkYiavEtJe9f2mbS
Score

3^/10

discovery
behavioral31
- Target
  
  workspace/IY_FE.iy
- Size
  
  539B
- MD5
  
  291d5636a434c4f1ceb0f3f776c2a51f
- SHA1
  
  ae287e08f71c522a72812f0dace94b8ffb569341
- SHA256
  
  73bb58ba5b81960caf5a8e66675cc89b5761b77db99c6ceb9435f7211d400452
- SHA512
  
  7dab8034f85aef1b2b7a86cc8220ebdbb95a3f083d1565e1cff38414367aa69fc597a11aaba11dbef411e13fbfb285855d9c46ae59738f6e88c22dd55c81a743
Score

3^/10
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

A potential corporate email address has been identified in the URL: [email protected]

Executes dropped EXE

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32