General
Target: ghztD_enc.vbe
Size: 1KB
Sample: 200217-7k6bl8357j
MD5: c99bc6705cbbba2ff17da1f7a16f12f7
SHA1: 9000723b516e0933d9c320b223138dc033d808f1
SHA256: 24e1dfddcd17b438aa5fc6640560fe4ba881a4eea34b79aa8c46521449c92aad
SHA512: 676248513d447c33b9966ec57abf7e3b845de0b41ed6e4f7d2208e6477cd3f2da46555b7a601d31c2c8013d79e9ba6fd247405e9c7352301b4e7378c9697e787
Static task: static1
Behavioral task: behavioral1
Sample: ghztD_enc.vbe
Resource: win7v200213
Behavioral task: behavioral2
Sample: ghztD_enc.vbe
Resource: win10v191014
Malware Config
Extracted
http://107.189.7.176/crypter/ClassLibrary6.dll
Targets
Target
ghztD_enc.vbe
Blacklisted process makes network request
Program crash
Suspicious use of SetThreadContext