General
-
Target
18d77c4fe1e4d9379d9cfdea0f5f8a616b50c484603bb7ce0e7bb8a81c8fd1cd
-
Size
42KB
-
Sample
250228-y4fk6axmv7
-
MD5
c3e3059453a877bbf1a1eeeb422c5b27
-
SHA1
0081ab58cd25a6c5df3886ea55922b80ade98b70
-
SHA256
18d77c4fe1e4d9379d9cfdea0f5f8a616b50c484603bb7ce0e7bb8a81c8fd1cd
-
SHA512
fab89433bba6e8901f9b199644f08b93fea36412c2cb0dfa953f99d85926602eb9ee18a5c98b1b2775a6bbda470dcf23bbdcf561db79b73df397ea0d39bd6f26
-
SSDEEP
768:ePyFZFASe0Ep0EpHZplRpqpd6rqxn4p6vghzwYu7vih9GueIh9j2IoHAjU+Eh6I2:e6q10k0EFjed6rqJ+6vghzwYu7vih9Gq
Static task
static1
Behavioral task
behavioral1
Sample
18d77c4fe1e4d9379d9cfdea0f5f8a616b50c484603bb7ce0e7bb8a81c8fd1cd.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
18d77c4fe1e4d9379d9cfdea0f5f8a616b50c484603bb7ce0e7bb8a81c8fd1cd.exe
Resource
win10v2004-20250217-en
Malware Config
Extracted
blihanstealer
pomdfghrt
-
user_agent
Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; CIBA; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
Targets
-
-
Target
18d77c4fe1e4d9379d9cfdea0f5f8a616b50c484603bb7ce0e7bb8a81c8fd1cd
-
Score
10/10
-
Blihanstealer family
-
Deletes itself
-
Executes dropped EXE
-
Adds Run key to start application
-