General
Target: SecuriteInfo.com.Gen.NN.ZemsilF.34132.6q1@a4elV5i.17824
Size: 929KB
Sample: 200711-aeyxtc39xs
MD5: bd0cccb00c2af56c6fee9d748541b370
SHA1: 295492a78e3cdc51d4f487f8ddbff07a4fbfdd5a
SHA256: 3b9f555888df6326a6a0c7dd2c2c1c2d78bbb969c1b7d40ea0d0e9679a06bbc5
SHA512: 5e41426988b9bb47f40ffad43cc96ede0a1e957e0fbec53959ecc81f0e7085fd83306c0544b7e5af2b43e51b9c0977724661a05f28024ae0f69d2ddbe4faa818
Static task: static1
Behavioral task: behavioral1
  Sample: SecuriteInfo.com.Gen.NN.ZemsilF.34132.6q1@a4elV5i.17824.exe
  Resource: win7v200430
Behavioral task: behavioral2
  Sample: SecuriteInfo.com.Gen.NN.ZemsilF.34132.6q1@a4elV5i.17824.exe
  Resource: win10
Malware Config
Extracted family: oski (Oski Stealer, an information stealer)
Extracted address (C2): 162.0.224.159
Targets
Target: SecuriteInfo.com.Gen.NN.ZemsilF.34132.6q1@a4elV5i.17824
Size: 929KB
Hashes: MD5, SHA1, SHA256 and SHA512 identical to the General section above
Score: 10/10
Signatures:
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext (an API commonly used to redirect the entry point of a suspended process, e.g. in process hollowing)
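The signature list above is the sandbox's verdict, not something an analyst can re-check without the raw behaviour. The following added triage helper (example code, not the sandbox's or Tria.ge's own detection logic) maps a flat API-call trace onto the same categories: Uninstall-key enumeration, wallet and browser-credential file access, a downloaded file that is later loaded as a DLL, SetThreadContext use (with the suspended-create / SetThreadContext / ResumeThread hollowing sequence), and contact with the extracted C2 address. The trace format (`api|arg1|arg2`), the paths, the handle values and the 192.0.2.10 download host are constructed for the example; only the 162.0.224.159 address comes from the report.

```python
"""Triage helper: classify sandbox API-trace lines into the signature
categories of the report.  Added illustration code; the trace format and
the sample trace below are constructed, not taken from the sandbox."""
import re

# Constructed trace: one call per line, fields separated by '|': api|arg1|arg2...
# Paths, handles and the 192.0.2.10 host are invented; 162.0.224.159 is the
# C2 address from the extracted config.
SAMPLE_TRACE = r"""
RegOpenKeyExW|HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
RegEnumKeyExW|HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall|0
RegOpenKeyExW|HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall
CreateFileW|C:\Users\user\AppData\Roaming\Electrum\wallets\default_wallet
CreateFileW|C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\seed.seco
CreateFileW|C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data
InternetConnectW|162.0.224.159
URLDownloadToFileW|http://192.0.2.10/module.bin|C:\Users\user\AppData\Local\Temp\module.dll
LoadLibraryW|C:\Users\user\AppData\Local\Temp\module.dll
CreateProcessW|C:\Windows\System32\svchost.exe|CREATE_SUSPENDED
SetThreadContext|0x1a4
ResumeThread|0x1a4
"""

# Both the native and the WOW6432Node Uninstall hives end in this suffix.
UNINSTALL_KEY = re.compile(r"\\CurrentVersion\\Uninstall(\\|$)", re.IGNORECASE)
# Small, constructed subset of well-known wallet and browser credential stores.
WALLET_MARKERS = ("\\electrum\\", "\\exodus\\", "wallet.dat", "\\ethereum\\keystore")
CREDENTIAL_MARKERS = ("\\login data", "logins.json", "key4.db")
REG_APIS = {"regopenkeyexw", "regopenkeyexa", "regenumkeyexw", "regenumkeyexa",
            "regqueryvalueexw", "regqueryvalueexa"}
FILE_APIS = {"createfilew", "createfilea", "findfirstfilew", "copyfilew", "readfile"}
LOAD_APIS = {"loadlibraryw", "loadlibrarya", "loadlibraryexw", "loadlibraryexa"}


def parse_trace(text):
    """Yield (api, [args]) tuples from the constructed 'api|arg|arg' format."""
    for raw in text.splitlines():
        line = raw.strip()
        if line:
            parts = line.split("|")
            yield parts[0], parts[1:]


def looks_like_pe(first_bytes):
    """'Downloads MZ/PE file' needs the dropped file's content: check the DOS stub magic."""
    return first_bytes[:2] == b"MZ"


def triage(trace_text, iocs=("162.0.224.159",)):
    """Return {signature_name: [evidence, ...]} for the calls in trace_text."""
    hits = {}

    def add(sig, evidence):
        hits.setdefault(sig, []).append(evidence)

    dropped = set()   # destination paths written by a download API
    stage = 0         # 0: nothing, 1: suspended create seen, 2: SetThreadContext seen
    for api, args in parse_trace(trace_text):
        a = api.lower()
        joined = "|".join(args)
        low = joined.lower()
        if a in REG_APIS and args and UNINSTALL_KEY.search(args[0]):
            add("checks_installed_software", joined)
        if a in FILE_APIS:
            if any(m in low for m in WALLET_MARKERS):
                add("accesses_cryptocurrency_wallets", joined)
            if any(m in low for m in CREDENTIAL_MARKERS):
                add("possible_credential_harvesting", joined)
        if a == "urldownloadtofilew" and len(args) >= 2:
            dropped.add(args[1].lower())
            add("downloads_file", joined)
        if a in LOAD_APIS and args and args[0].lower() in dropped:
            add("loads_dropped_dll", joined)
        if a == "setthreadcontext":
            add("suspicious_use_of_setthreadcontext", joined)
        # Ordered hollowing pattern: CreateProcess(CREATE_SUSPENDED) -> SetThreadContext -> ResumeThread
        if a == "createprocessw" and "create_suspended" in low:
            stage = 1
        elif a == "setthreadcontext" and stage == 1:
            stage = 2
        elif a == "resumethread" and stage == 2:
            add("process_hollowing_sequence", joined)
            stage = 0
        if any(ioc in joined for ioc in iocs):
            add("contacts_extracted_c2", joined)
    return hits


if __name__ == "__main__":
    for sig, evidence in triage(SAMPLE_TRACE).items():
        print(f"{sig}: {len(evidence)} hit(s)")
        for line in evidence:
            print(f"    {line}")
```

The hollowing state machine is deliberately strict about order: SetThreadContext on its own is only reported as "suspicious", and the sequence signature fires only when it sits between a CREATE_SUSPENDED CreateProcess and a ResumeThread, which is the pattern worth escalating. The "downloads" signature can only say that a file was fetched; confirming the report's "MZ/PE" wording requires the dropped file's first bytes, hence the separate `looks_like_pe` check.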