General
Target: 0572d7203766d1b0cf173a85a8c3a958eb0e47a1325744707b5ba507e6622b5c
Size: 42KB
Sample: 250227-xwsebav1dy
MD5: c32aa2b7cbf8b8f294bc23c05197872a
SHA1: c1e878069392033a000ffb03162c4a36fb32e212
SHA256: 0572d7203766d1b0cf173a85a8c3a958eb0e47a1325744707b5ba507e6622b5c
SHA512: d7669985da45e1b51ca59e228073576632d6a12139da6703e3cc74abd83932fd362e55d95218ceb76ffff96e7e04ecaa422ee4fbf241d5920a2db0a52ec43201
SSDEEP: 768:ePyFZFASe0Ep0EpHZplRpqpd6rqxn4p6vghzwYu7vih9GueIh9j2IoHAjU+Eh6Ia:e6q10k0EFjed6rqJ+6vghzwYu7vih9Ge
Static task: static1
Behavioral task: behavioral1
Sample: 0572d7203766d1b0cf173a85a8c3a958eb0e47a1325744707b5ba507e6622b5c.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 0572d7203766d1b0cf173a85a8c3a958eb0e47a1325744707b5ba507e6622b5c.exe
Resource: win10v2004-20250217-en
Malware Config
Extracted
blihanstealer
pomdfghrt
user_agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; CIBA; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
Targets
Score: 10/10
Blihanstealer family
Deletes itself
Executes dropped EXE
Adds Run key to start application