Sample File:
MD5 hash: a4e1caab1b9642ef645b6549ca09d303
SHA1 hash: da0cd782f32088c0df8cd62deda1c61b4cedd6fb
SHA256 hash: 855dcd368dbb01539e7efa4b3fefa9b56d197db87b1ba3ede5e1f95927ea2ca3
SSDEEP hash: 768:nAqGAtr4sozjTFpy3RlyvK6WZmYNnYIzxz84k567+tb+pA:AqGcAFp6ynCvNnY8t8Z5E+t6p
Filename(s): BUDDINGPULVERS.exe
Filetype: Windows Exe (x86-32)

Mutex IOCs:
Global\3747bdbf-0ef0-42d8-9234-70d68801f407

Registry Key IOCs:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\VBA\Monitors
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\AppContext
HKEY_LOCAL_MACHINE

Domain IOCs:
drive.google.com

IP IOCs:
216.58.212.142

URL IOCs:
https://drive.google.com/uc?export=download&id=1QWqkgFZkOmBDvR4uR2YwoOXuLiVcEUxl

File IOCs:
Filenames:
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
C:\WINDOWS\SysWOW64\net1.exe
C:\ProgramData\qemu-ga\qga.state
C:\Users\FD1HVy\Desktop\BUDDINGPULVERS.exe
C:\WINDOWS\SYSTEM32\MSVBVM60.DLL
\??\C:\WINDOWS\syswow64\msvbvm60.dll
MD5 hashes: a4e1caab1b9642ef645b6549ca09d303
SHA1 hashes: da0cd782f32088c0df8cd62deda1c61b4cedd6fb
SHA256 hashes: 855dcd368dbb01539e7efa4b3fefa9b56d197db87b1ba3ede5e1f95927ea2ca3
SSDEEP hashes: 768:nAqGAtr4sozjTFpy3RlyvK6WZmYNnYIzxz84k567+tb+pA:AqGcAFp6ynCvNnY8t8Z5E+t6p