General
-
Target
77f5d8bbf5b22a43f60bcc4ded7dbc56529fa0ba00b29e916132bddbeae3ca26
-
Size
1.2MB
-
Sample
191025-583b19wbds
-
MD5
bb0cb63cd1f24f666217be9405090016
-
SHA1
78b7c961ac2f719330fce0901fca454a37ae1fbd
-
SHA256
77f5d8bbf5b22a43f60bcc4ded7dbc56529fa0ba00b29e916132bddbeae3ca26
-
SHA512
b2639317f54b721b262106e0ce9dcd4b92871c4115f3b43357f83f52e329c8de9581a2c69393f53dd13ad728f4d229892966d4e9dd909cbb71a64b624773b646
Task
task1
Sample
77f5d8bbf5b22a43f60bcc4ded7dbc56529fa0ba00b29e916132bddbeae3ca26.exe
Resource
win7v191014
Task
task2
Sample
77f5d8bbf5b22a43f60bcc4ded7dbc56529fa0ba00b29e916132bddbeae3ca26.exe
Resource
win10v191014
Malware Config
Targets
-
Target
77f5d8bbf5b22a43f60bcc4ded7dbc56529fa0ba00b29e916132bddbeae3ca26
-
Score
7/10
-
Adds Run entry to start application
-
Checks system information in the registry (likely anti-VM)
-
Modifies service
-
Suspicious use of SetThreadContext
-