Overview | overview | score 8
Static | static
1.exe | windows7_x64 | score 1
1.exe | windows10_x64 | score 8
Fallen.exe | windows7_x64 | score 8
Fallen.exe | windows10_x64 | score 8
Inte.exe | windows7_x64 | score 8
Inte.exe | windows10_x64 | score 8
LX64 | windows7_x64 | score 1
LX64 | windows10_x64 | score 1
Server.exe | windows7_x64 | score 8
Server.exe | windows10_x64 | score 8
hfs.exe | windows7_x64 | score 6
hfs.exe | windows10_x64 | score 6
hfs_1.exe | windows7_x64 | score 6
hfs_1.exe | windows10_x64 | score 6
hg | windows7_x64 | score 1
hg | windows10_x64 | score 1
java | windows7_x64 | score 1
java | windows10_x64 | score 1
moren.exe | windows7_x64 | score 6
moren.exe | windows10_x64 | score 6
General
-
Target
Malz2.zip
-
Size
1.2MB
-
Sample
200310-1vay4f77ca
-
MD5
654152a72f0675390037696f07a2cff0
-
SHA1
301b458d91f832caf71cedbb5fd58231f82c7275
-
SHA256
22503a27c8bd1299e67f484b0c750276323d5a97b9dd45e1da7a935fe377ec1e
-
SHA512
a6cdbd8a0c46e1bc4522b9feda09aadae4625ff1911ae1934ea26bc97660810f62ff76b12ff7cd84d421856e93ae9ec69906f99c99f4e9db90702ffea89924be
Static task
static1
Behavioral task
behavioral1
Sample
1.exe
Resource
win7v200217
Behavioral task
behavioral2
Sample
1.exe
Resource
win10v200217
Behavioral task
behavioral3
Sample
Fallen.exe
Resource
win7v200217
Behavioral task
behavioral4
Sample
Fallen.exe
Resource
win10v200217
Behavioral task
behavioral5
Sample
Inte.exe
Resource
win7v200217
Behavioral task
behavioral6
Sample
Inte.exe
Resource
win10v200217
Behavioral task
behavioral7
Sample
LX64
Resource
win7v200217
Behavioral task
behavioral8
Sample
LX64
Resource
win10v200217
Behavioral task
behavioral9
Sample
Server.exe
Resource
win7v200217
Behavioral task
behavioral10
Sample
Server.exe
Resource
win10v200217
Behavioral task
behavioral11
Sample
hfs.exe
Resource
win7v200217
Behavioral task
behavioral12
Sample
hfs.exe
Resource
win10v200217
Behavioral task
behavioral13
Sample
hfs_1.exe
Resource
win7v200217
Behavioral task
behavioral14
Sample
hfs_1.exe
Resource
win10v200217
Behavioral task
behavioral15
Sample
hg
Resource
win7v200217
Behavioral task
behavioral16
Sample
hg
Resource
win10v200217
Behavioral task
behavioral17
Sample
java
Resource
win7v200217
Behavioral task
behavioral18
Sample
java
Resource
win10v200217
Behavioral task
behavioral19
Sample
moren.exe
Resource
win7v200217
Behavioral task
behavioral20
Sample
moren.exe
Resource
win10v200217
Malware Config
Targets
-
-
Target
1.exe
-
Size
103KB
-
MD5
4a953a639593adb97eacef0e3992b818
-
SHA1
ecf5ae2648ec0660c82912c0fd6ecc7fbfab9df2
-
SHA256
f3ea4dfbb6a31ba417d3e9caa90159e0e786226743a7b5ed04701f847054366f
-
SHA512
ea701c6474dfa1d910c5c3abbfa01e615bab73521f841eb15b9d76488cff6e6aa33caff4c7c65bfc97f8ff47e06e17e9979cd0ff305fd18aed76729500822e3b
Score: 8/10
- Executes dropped EXE
- Adds Run entry to start application
- Drops file in System32 directory
- Modifies service
-
-
Target
Fallen.exe
-
Size
11KB
-
MD5
1423f94092ba6a80ec571748e08d396e
-
SHA1
3839e76d9f01f9a92304cab21aa130f5800f71d2
-
SHA256
f595233fa17f4f280bd88b012419652b8d11f086ccc497ab5c796eba39498e60
-
SHA512
197fb512e2ee4d4cd3bf499e70a1ffda8e107efc6e6a354622448b7dac575701d6f2288df97db568df7e27e780750bc4c3337ffc869adffbd21b013c69aba18f
Score: 8/10
- Executes dropped EXE
- Modifies service
-
-
Target
Inte.exe
-
Size
56KB
-
MD5
1ea2c756a0f0528d2e80ab204aa9de0b
-
SHA1
44177c8b4959a3b84ae65a5ea724a8e409b3dec1
-
SHA256
6d77d544364cdfaebd7252d14091653c903d0a11c34bddad60f5951da257a651
-
SHA512
ecaa88ae3a0b51ba9320870a6b7172a3f02c466571d79f7536ee3b557da14f0b268be39cc3fbeadae79f3de33d816a59737efdc7ce11d322d4891c82421d1de5
Score: 8/10
- Executes dropped EXE
- Deletes itself
- Drops file in System32 directory
- Modifies service
-
-
Target
LX64
-
Size
226KB
-
MD5
fd9a0b5c4dbe2a05f00ac465bc5017d3
-
SHA1
f0a22333edda7b2ec3b9f86672bb3ec532843d9e
-
SHA256
8e0fc7bab60b9f3c02304b5fccc0ed323d9898c58c18e530975370f667553b87
-
SHA512
8f756cfe58df2d6407e21eb71087c775f42cebbee3b4e8ec676a812cc811e82bd82a5c6ed98ec709f97bc8e6a5bb5fdaab534e43c4e39259d92d36b4e551165e
Score: 1/10
-
-
Target
Server.exe
-
Size
96KB
-
MD5
bfd0dcf57209068cc25907ff8ddc17e1
-
SHA1
8b913990c8691231e1d8e249d6d7f9a59b85dc1e
-
SHA256
8a16390f705599cacaba51ccf440f7f0a8320e614f71710a594312756788b28d
-
SHA512
8a2838fd69419a249a37b7569a7c0333e8c36a71df0dc7b8ea414f87392b42e885bcd3fc41b6bda181c6f69d98a5a5367d06b8ff6c7d3e577ea4d2581c2bfe09
Score: 8/10
- Executes dropped EXE
- Deletes itself
- Modifies service
-
-
Target
hfs.exe
-
Size
153KB
-
MD5
0141d6e9b3db978d2cdc5883072f3cd9
-
SHA1
7ce852893dca1e2dc29d8d85d7e9f75e553a5cc4
-
SHA256
d878062dcb702d9734e5c4c0da92e8765baccc123249a4e14e44179d4299c29f
-
SHA512
cf472db8a6c7bea41f339d4e6ea2ede97c06b85d3e53d44c1bb837c44a9fe5f6b0a412efceea0031fb37ed0448bd2c4a890aebb9bd113a9b5cf3fcd186ce4b3a
Score: 6/10
- Adds Run entry to start application
-
-
Target
hfs_1.exe
-
Size
153KB
-
MD5
8d1d6e7c36bc9c97338a71c862dc52a0
-
SHA1
ea0cd6c2983a4fda97302cf338b3fbac20a3cc1e
-
SHA256
636f404892310f7f7cbffd013d5ebd5895b309af2b0bb18814e52c5548e4d4a6
-
SHA512
fe89091867ddfb2e9b8a94edaf5c5d56d61fffa5dd9f604013ebfd19498625d5d0a8c7db0ae4c215bbe00c2c6682a90137abc91de24c89d16dbcd0f961194923
Score: 6/10
- Adds Run entry to start application
-
-
Target
hg
-
Size
1.3MB
-
MD5
e0b7ef909e9d250091cb94a9b01ad518
-
SHA1
f3025ec3f4bbf646e074d99b19183dfeeae9523f
-
SHA256
9b18009e4a989930dea9f8e578a955cd29d013e7a544c14f9017ecb73c6382fb
-
SHA512
a8aaae0c3c2dc1a84b5f6e65223139d4c210a400e4e7295459600339acbd4d9763d95811b37ee30e122e215a574620312378e4aaac3776d33f5b64bae16adcf5
Score: 1/10
-
-
Target
java
-
Size
664KB
-
MD5
b2837a8ea0f460bd070d4bf6d919ae70
-
SHA1
97dfe39e3ac9db019020713165c062181cb80884
-
SHA256
64a10bdbf0784869fb4b1d2f27a1a3694ec9252e1fd13bca355c3ed9b9a7a8f4
-
SHA512
a90d8776cfe1926066c73090cd0716538d243b9964673b87af7a08343c9a89e729bdbf3fed8bbf65297a191b262d0c7278f817a29cc7beee19a1fbc4b63d5132
Score: 1/10
-
-
Target
moren.exe
-
Size
153KB
-
MD5
546cadaef5b11149fa02b146dfa0b830
-
SHA1
07b8527cc5561481d1e25842bd1ab3182684df4a
-
SHA256
05feb29bad25082dc351921f867287084275915c41fe242c47f21644d7a54558
-
SHA512
f1d8f618cbf9599f3efda6333b09d51f472d5f3a83d67ac04549084be787d522e3ece6272ff91322312252608ce8c69080e09dd4c52b9412489e7cf8459b79e0
Score: 6/10
- Adds Run entry to start application