General
-
Target
DMtrans_1.0.exe
-
Size
93.4MB
-
Sample
201103-jvhhn7519s
-
MD5
19cac463f0f4b4e1a19fd931eba797d3
-
SHA1
037bcd53250ced1f4c8b8e0819b2661fd7371e4e
-
SHA256
8af12d9aa372eff41740c9eee38a1ab290cc3b18d1a0783fb6ec98acd997713a
-
SHA512
97c9a96032da5e06b3274469dc82084c7faa654aba05d0eae455e164b95ad3a664aee847fdeafafa23bb0d4a7fc990d01d524a9beacccfdba2513e84f8fcfbb8
Static task
static1
Behavioral task
behavioral1
Sample
DMtrans_1.0.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
DMtrans_1.0.exe
Resource
win10v20201028
Malware Config
Targets
Target
DMtrans_1.0.exe
Score
10/10
-
Registers COM server for autorun
-
Blacklisted process makes network request
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
JavaScript code in executable
-
Drops file in System32 directory
-
Modifies service
-