General
-
Target
3a4e001dd50168d2a6ccf22eb52cab95adb44cbe871326dbc5dd5fd52e7fa199
-
Size
66KB
-
Sample
250227-z4lmvaznv6
-
MD5
422f50593f6c566874a3bac7f67b6139
-
SHA1
741b47f300cda66065634ac88fb98f889e735b70
-
SHA256
3a4e001dd50168d2a6ccf22eb52cab95adb44cbe871326dbc5dd5fd52e7fa199
-
SHA512
c0a0f358b7d32b1767388c9d49ae412bea5000a1d50f64df0e630efa84a571585acd01bd1134f86bc0b413033a45b022cc679d794308e120b0dd259eeed271d1
-
SSDEEP
1536:e6q10k0EFjed6rqJ+6vghzwYu7vih9GueIh9j2IoHAcBHUIF2kvEHrH1hyhuhrhy:E1oEFlt6vghzwYu7vih9GueIh9j2IoHX
Static task
static1
Behavioral task
behavioral1
Sample
3a4e001dd50168d2a6ccf22eb52cab95adb44cbe871326dbc5dd5fd52e7fa199.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
3a4e001dd50168d2a6ccf22eb52cab95adb44cbe871326dbc5dd5fd52e7fa199.exe
Resource
win10v2004-20250217-en
Malware Config
Extracted
blihanstealer
pomdfghrt
-
user_agent
Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; CIBA; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
Targets
Target
3a4e001dd50168d2a6ccf22eb52cab95adb44cbe871326dbc5dd5fd52e7fa199
Score
10/10
-
Blihanstealer family
-
Deletes itself
-
Executes dropped EXE
-
Adds Run key to start application
-