General
-
Target
ed27500e46890513a4ff7143fd4a182d1068144b7b5910081f171b68118fae9f
-
Size
67KB
-
Sample
250227-hzrvmaztft
-
MD5
693126669e15f38920d2fee5e1d7b7e3
-
SHA1
d58063a9be0dcb16932a240a0a5d822bc4e8544b
-
SHA256
ed27500e46890513a4ff7143fd4a182d1068144b7b5910081f171b68118fae9f
-
SHA512
57d729f9fa9f53c0c982c00641952039250055a0d7fb9bd058eb37f664b132a646753c07c7e744b7c7b563436a9cae4c26ca57eccd0ee828e621c3ab8ea2b0b0
-
SSDEEP
1536:e6q10k0EFjed6rqJ+6vghzwYu7vih9GueIh9j2IoHAjU+EmkcU+uhIehXehXhHhC:E1oEFlt6vghzwYu7vih9GueIh9j2IoH/
Static task
static1
Behavioral task
behavioral1
Sample
ed27500e46890513a4ff7143fd4a182d1068144b7b5910081f171b68118fae9f.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
ed27500e46890513a4ff7143fd4a182d1068144b7b5910081f171b68118fae9f.exe
Resource
win10v2004-20250217-en
Malware Config
Extracted
blihanstealer
pomdfghrt
-
user_agent
Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; CIBA; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
Targets
Target
ed27500e46890513a4ff7143fd4a182d1068144b7b5910081f171b68118fae9f
-
Score
10/10
-
Blihanstealer family
-
Deletes itself
-
Executes dropped EXE
-
Adds Run key to start application
-