General

  • Target

    26032025_1554_HOLIDAY ADVISORY_pdf.bat.zip

  • Size

    614KB

  • MD5

    ae3cea77b242eb4a12f6b7d79bcae040

  • SHA1

    8dab051514d0b001406ed8ac7f40c3bcc9201c62

  • SHA256

    b982dd57c7b4a6e5f568582d8819ca11d5cc8b97ce05f9d8ddc0e144784d4112

  • SHA512

    f5df8292968e8de05ba0d0d724a1f3c9500b9a5c1aacdeb077ad1880bfe3e5346b65db9261aac319860969e4a5736687ab1e0049d5f1b4917f8f95ad1c6c04df

  • SSDEEP

    12288:K4RC1IdreeqmyMWHrMWBHtX7QlK8inlT+/lgXDWI+cojGx9ts5:KNXrmCNtX7QlK8inZWiqBjGxLs5

Score
3/10

Malware Config

Signatures

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 2 IoCs

Files

  • 26032025_1554_HOLIDAY ADVISORY_pdf.bat.zip
    .zip

    Password: infected

  • HOLIDAY ADVISORY_pdf.bat
    .exe windows:4 windows x86 arch:x86

    Password: infected

    59a4a44a250c4cf4f2d9de2b3fe5d95f


  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    Password: infected

    8c8a576201f68de1a3f26fc723b9f30f


  • Basinets.Pon
  • Rinforzando.Gli
  • Vimpel21/misfornoejet.ini
  • Vimpel21/pinde.ist
  • brneflokken.jpg
    .jpg

    Password: infected

  • civilisationerne.tor
  • kloakanlgget.opv