PEBBLEDASH

By GoldSparrow in Trojans

The PEBBLEDASH malware is one of the dozens of hacking tools that belong to the arsenal of the nefarious HIDDEN COBRA APT (Advanced Persistent Threat). This hacking group originates from North Korea and is also known as Lazarus. The HIDDEN COBRA hacking group has been around since 2009. The PEBBLEDASH threat operates as a backdoor Trojan that has the ability to gain persistence on the targeted host.

The PEBBLEDASH threat can be used for introducing second-stage payloads, as well as wreaking havoc on the infected computer. Among the commands that the PEBBLEDASH malware can execute is the 'securely delete' command. If the attackers use this command, the target would have great difficulty restoring any of the deleted data. The list of PEBBLEDASH's capabilities includes:

  • Manipulating the files present on the system.
  • Uploading and executing files on the host.
  • Gathering information about the system's hardware and software.
  • Listing directories, files and partitions.
  • Self-destructing.

The PEBBLEDASH malware is able to run remote commands by using a hidden instance of the Windows Command Prompt. The output of the executed commands is stored in a file that is periodically transferred to a server of the malware's operators. In addition, the PEBBLEDASH threat is able to execute some other minor tasks, which may be used in some of HIDDEN COBRA's campaigns.

It is best to ensure your system's safety by investing in a trustworthy anti-spyware software suite.

Details:

Sample: aab2868a6ebc6bdee5bd12104191db9fc1950b30bcf96eab99801624651e77b6
Name: D2DE01858417FA3B580B3A95857847D5
Size: 167937 bytes
Type: PE32 executable (GUI) Intel 80386, for MS Windows
MD5: d2de01858417fa3b580b3a95857847d5
SHA1: 2c879a1d4b6334c59ac5f11c2038d273d334befe
SHA256: aab2868a6ebc6bdee5bd12104191db9fc1950b30bcf96eab99801624651e77b6
SHA512: 220c74af533f4565c4d6f0b4a4ac37c4c6e6238eba22d976a8c28889381a7d920e29077287144ec71f60e5a0b3f3780b6c688e34b8b63092670b0d8ed2f34d1e
ssdeep: 3072:LH+Sv//jDG2TJVw2URyELc1VVA9Rznhy7i+2JYI3mX2nwvjbtdKQ:qSn/jDGtUEWgE792nmX2Eb3
Entropy: 6.131834

Aliases

11 security vendors flagged this file as malicious.

Anti-Virus Software    Detection
-                      Trojan.NukeSped.Win32.4
-                      BScope.Trojan.Dynamer
Symantec               Trojan Horse
-                      Trojan.Win32.Fuery.ephjck
Ikarus                 Trojan.Win32.NukeSped
-                      Rootkit.Agent.eki.zwum.mg
-                      Trojan.GenericKD.5147779 (B)
-                      Win32/NukeSped.G trojan variant
BitDefender            Trojan.GenericKD.5147779
AntiVir                TR/Fuery.eipis
AhnLab-V3              Trojan/Win32.Akdoor

File System Details

PEBBLEDASH may create the following file(s):
#   File Name                                                         MD5                               Detections
1.  aab2868a6ebc6bdee5bd12104191db9fc1950b30bcf96eab99801624651e77b6  d2de01858417fa3b580b3a95857847d5
