General
-
Target
a038cf5f99d17df1e223aaf2f5f80b4b4a440a4e
-
Size
209KB
-
Sample
191018-7wl797zm62
-
MD5
c2af6d564b13af07b536e592dc0ac4d4
-
SHA1
a038cf5f99d17df1e223aaf2f5f80b4b4a440a4e
-
SHA256
ba6af8e68fc67d929a1567eef3a86c1ba481f4f55ee203a17b4e0ee81ec58f41
-
SHA512
d5e402e4ec1f7444a5487f86a4ae2a7d612fee5ad7ff395ac7c6fbe74271d5435de61c8459241d0e9b2b9b6b4e81f6a9219b5863d9897675b01a08ac06940348
Task
task1
Sample
a038cf5f99d17df1e223aaf2f5f80b4b4a440a4e.exe
Resource
win7v191014
Task
task2
Sample
a038cf5f99d17df1e223aaf2f5f80b4b4a440a4e.exe
Resource
win10v191014
Malware Config
Extracted
ursnif
1000
http://weekends-estate.xyz
Targets
-
-
Target
a038cf5f99d17df1e223aaf2f5f80b4b4a440a4e
Score
10/10
-
ursnif family
-
Checks system information in the registry (likely anti-VM)
-
Modifies service
-