Resubmissions
15-02-2025 21:43
250215-1kyczawjhk 815-02-2025 21:00
250215-ztr2watqfr 1015-02-2025 20:47
250215-zkxwrstngz 1015-02-2025 20:45
250215-zj71catlhj 1015-02-2025 20:28
250215-y9eaaasphq 1015-02-2025 20:10
250215-yxsbdasmet 1015-02-2025 19:50
250215-yklcas1qds 815-02-2025 19:10
250215-xvcbpsznbs 1015-02-2025 22:01
250215-1xp75axjesGeneral
-
Target
test.txt
-
Size
18B
-
Sample
250215-pck7ws1jdl
-
MD5
5b3f97d48c8751bd031b7ea53545bdb6
-
SHA1
88be3374c62f23406ec83bb11279f8423bd3f88d
-
SHA256
d8fce9dd9c65ca143343f7711859a7cffc3c5e656a8b84108183fb769a12ed8b
-
SHA512
ed2de1eec50310ced4bde8ef6ae4b7902920b007df7b6aeb200cfe9fcc0d36ef05af7526c4675be2feac52831668798d5fe3523175efad6f6549b30f30a0b5d6
Malware Config
Targets
-
-
Target
test.txt
-
Size
18B
-
MD5
5b3f97d48c8751bd031b7ea53545bdb6
-
SHA1
88be3374c62f23406ec83bb11279f8423bd3f88d
-
SHA256
d8fce9dd9c65ca143343f7711859a7cffc3c5e656a8b84108183fb769a12ed8b
-
SHA512
ed2de1eec50310ced4bde8ef6ae4b7902920b007df7b6aeb200cfe9fcc0d36ef05af7526c4675be2feac52831668798d5fe3523175efad6f6549b30f30a0b5d6
Score8/10-
Downloads MZ/PE file
-
A potential corporate email address has been identified in the URL: [email protected]
-
Executes dropped EXE
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
Mark of the Web detected: This indicates that the page was originally saved or cloned.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-