General
-
Target
06b803c8f2d5c3e5a573ff40968c60b63cd685d22a42f0e1b3d2b1ddac1e94e4
-
Size
43KB
-
Sample
250228-x8bmbsvwht
-
MD5
33c3ff9bf59e1fa4e9b71a102d5a3531
-
SHA1
dc6d788bc7f3d27e66cb69a879eee250141cc44d
-
SHA256
06b803c8f2d5c3e5a573ff40968c60b63cd685d22a42f0e1b3d2b1ddac1e94e4
-
SHA512
5b2b9beed85e27a78378537651072cf3ca2cc149718ff11dfa49c09d8d11fc927fe33094ca5e98b02a242d682bf3fb2f56e7e431fbd1de882b71482ee8a5ce33
-
SSDEEP
768:ePyFZFASe0Ep0EpHZplRpqpd6rqxn4p6vghzwYu7vih9GueIh9j2IoHAjU+Eh6If:e6q10k0EFjed6rqJ+6vghzwYu7vih9Gj
Static task
static1
Behavioral task
behavioral1
Sample
06b803c8f2d5c3e5a573ff40968c60b63cd685d22a42f0e1b3d2b1ddac1e94e4.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
06b803c8f2d5c3e5a573ff40968c60b63cd685d22a42f0e1b3d2b1ddac1e94e4.exe
Resource
win10v2004-20250217-en
Malware Config
Extracted
blihanstealer
pomdfghrt
-
user_agent
Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; CIBA; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
Targets
Score
10/10
-
Blihanstealer family
-
Deletes itself
-
Executes dropped EXE
-
Adds Run key to start application
-