General
Target
a8c03dfe6c66acdf569a445ad9eba5795f699e78bb6c347db55dfbff03daa120.zip
Size
424KB
Sample
240626-zqr8gatblh
MD5
d73653fb655e3627f2ad3bcd7dbb2c82
SHA1
4d5cc2bea8c2dc74ddd725fe9bea7389a2d39dd6
SHA256
b71e123f35a70fe444f019c9b94fa65c383d14eced3647bb13ac4e50ec810af8
SHA512
51091c0874b597012087fcb4d82c28234bffb75604db1c3fb9c788002dc91620010b7d4fc85d0d665e582da8a5d84f072045a4f1e36cc412331e1bb93780453c
SSDEEP
12288:IHO3tKYRNkVJyq2NfoebDuedht+LEYuwKUTRZsGzhnHz:IXYRIyFAedhtGERwT9ZsGzhnHz
Static task
static1
Behavioral task
behavioral1
Sample
AMENDED CONTRACT-pdf.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
AMENDED CONTRACT-pdf.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/nsExec.dll
Resource
win7-20240508-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/nsExec.dll
Resource
win10v2004-20240611-en
Malware Config
Targets
Target
AMENDED CONTRACT-pdf.bat
Size
749KB
MD5
0dd2464556b15a0110a61fbb9c059fd7
SHA1
85dc6648297ce3a175c87f90ad87c0c19940f7ec
SHA256
ec718f7c0b27972083cd3990267d68a2cebd76b6fcaa224c44f3b165d95125f3
SHA512
7a46b3ac69acdc85cfd54be576144035ef844cb64ac4a918735e1bf96fd1785e9c2d13e6d93424689397e3a89b879385638d3d96386d9ba49742b69271f4e23c
SSDEEP
12288:TA4AyshjrfD3NfhN3ImdnkOMR4vejLiuLbKc+z6ps:TA4A/hfDJ3IokOMR4vaiu68s
Score
10/10
Loads dropped DLL
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext
Target
$PLUGINSDIR/nsExec.dll
Size
6KB
MD5
b5a1f9dc73e2944a388a61411bdd8c70
SHA1
dc9b20df3f3810c2e81a0c54dea385704ba8bef7
SHA256
288100583f65a2b7acfc0c7e231c0e268c58d3067675543f627c01e82f6fd884
SHA512
b9c8d71b5da00f2aff7847b9ec3bd8a588afeb525f47a0df235b52f7b2233edb3928a2c8e0b493f287c923cc52a340ad6fee99822595d6591df0e97870de92a8
SSDEEP
96:p7GUxNkO6GR0t9GKKr1Zd8NHYVVHp4dEeY3kRnHdMqqyVgNQ3e:lXhHR0aTQN4gRHdMqJVgNH
Score
3/10