General
Target: 8541068a2de696edbdf62837ad4673eb9177611fbef2b352ca05d3960d9323bc
Size: 639KB
Sample: 191025-3zyahc62me
MD5: 1135faa7ccd91450b5bdbc0f0083a9b5
SHA1: 1f6d108ccdee1e66e81850186dc7eaebee283360
SHA256: 8541068a2de696edbdf62837ad4673eb9177611fbef2b352ca05d3960d9323bc
SHA512: 7b62d983da755b1d41ebe9c416a59b9f3ef902ffcd01443332b36d45153816d2ae7384df6c3fe7bcbff371bd14c1b6fe261859a9eca03013ebf295597c8fbbfc
Task: task1
Sample: 8541068a2de696edbdf62837ad4673eb9177611fbef2b352ca05d3960d9323bc.exe
Resource: win7v191014
Task: task2
Sample: 8541068a2de696edbdf62837ad4673eb9177611fbef2b352ca05d3960d9323bc.exe
Resource: win10v191014
Malware Config
Targets
Target: 8541068a2de696edbdf62837ad4673eb9177611fbef2b352ca05d3960d9323bc
Score: 7/10
Uses the VBS compiler for execution
Checks system information in the registry (likely anti-VM)
Modifies service
Suspicious use of SetThreadContext