General
-
Target
FIRM ORDER # 2020-1-32410 21981XMH.lzh
-
Size
1.1MB
-
Sample
200707-8m6xdyrdxx
-
MD5
f3b9a9d6e1e5483b541f0a7bc6b5cb87
-
SHA1
a83c380601a10c0b7f3b843d9174f0631cc9e8f6
-
SHA256
8bf871d77503944f04612b7ba14be181e46c0333754aea49927538e1cd597a17
-
SHA512
587f6118d782f2209e6f1b158acacf9995552f067026bcb4748657acd25b5cf28f9a7fc71e5bc14b5654dd663aad237703c23486c980337d29b5c1dd089cafd0
Static task
static1
Behavioral task
behavioral1
Sample
FIRM ORDER # 2020-1-32410 21981XMH.exe
Resource
win7v200430
Behavioral task
behavioral2
Sample
FIRM ORDER # 2020-1-32410 21981XMH.exe
Resource
win10
Malware Config
Targets
Target
FIRM ORDER # 2020-1-32410 21981XMH.exe
-
Size
1.8MB
-
MD5
3349ba62142880bbe6e35dd4a9be5981
-
SHA1
f53307dd3ea7e7dfeba1dbd6aa33ffabb3aed628
-
SHA256
fae5d87e8771f0025e306697f68afe511275e9772af23dfd081ffbfc0b56f38d
-
SHA512
1dad489fe6ef0d0f99358be688885e10ce2d178b675300e51eff3b169b9952c36e74868d5c8e77388c1ec2c7af895b10e65f21489416caa89de59e746b0a8c37
Score
6/10
-
Adds Run entry to start application
-
Legitimate hosting services abused for malware hosting/C2