General
Target: 84f2fd8889ec1540fce9731e5ec852d4bf2eec7d71b74a0f38c09e001db12b67
Size: 294KB
Sample: 191025-bxe5f8pxxe
MD5: a5dc467f82e6cbbdf6d43c7d21f530d1
SHA1: e86ed1f8e2d4856630bb306597d137a1bb1235f2
SHA256: 84f2fd8889ec1540fce9731e5ec852d4bf2eec7d71b74a0f38c09e001db12b67
SHA512: 4c85db5a0dc5e68ec0cedaf74fa7133aca71541e545a7b7c7e4af9576e08ad91c31f4617deb7f32e35d71c893d7f79672cd8e6dcc3e90ce4f9951ef09de9337c
Task: task1
Sample: 84f2fd8889ec1540fce9731e5ec852d4bf2eec7d71b74a0f38c09e001db12b67.exe
Resource: win7v191014
Task: task2
Sample: 84f2fd8889ec1540fce9731e5ec852d4bf2eec7d71b74a0f38c09e001db12b67.exe
Resource: win10v191014
Malware Config
Targets
Target: 84f2fd8889ec1540fce9731e5ec852d4bf2eec7d71b74a0f38c09e001db12b67
Score: 10/10
Suspicious use of NtCreateUserProcessOtherParentProcess
Checks processor name in registry (likely anti-VM)
Loads dropped DLL
Program crash
Checks system information in the registry (likely anti-VM)
Modifies service
Suspicious use of SetThreadContext