General
Target: 429d3c6f87f5be86bc72990681c294556b8e22d8a8aa2cfe373880c9002e1955
Size: 70KB
Sample: 250227-1dstxazq19
MD5: f69e07b31119ac21761dcc75c0ade08b
SHA1: ac2063f6a86e6a1e39ef9e5769def7d611bc936f
SHA256: 429d3c6f87f5be86bc72990681c294556b8e22d8a8aa2cfe373880c9002e1955
SHA512: 74cc09fc659bb9d1e32549913d5b1f9b50953bcc12f5efff7497ebc9502d2460fa9b187bf8899305b648bccad5b71358b0bf80938c7b058361b804b201e40540
SSDEEP: 1536:e6q10k0EFjed6rqJ+6vghzwYu7vih9GueIh9j2IoHAcBHUIF2kvEHrH1hyhuhrhr:E1oEFlt6vghzwYu7vih9GueIh9j2IoH0
Static task: static1
Behavioral task: behavioral1
Sample: 429d3c6f87f5be86bc72990681c294556b8e22d8a8aa2cfe373880c9002e1955.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 429d3c6f87f5be86bc72990681c294556b8e22d8a8aa2cfe373880c9002e1955.exe
Resource: win10v2004-20250217-en
Malware Config
Extracted
blihanstealer
pomdfghrt
user_agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; CIBA; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
Targets
Score: 10/10
Blihanstealer family
Deletes itself
Executes dropped EXE
Adds Run key to start application