General
-
Target
66b1580426a8b8bcfa79ffcbdc1f8e94bd22cf6643dd3f3ff519d30712e4db73
-
Size
1.3MB
-
Sample
201106-gn3hhpf66e
-
MD5
672c168d4320323398943d1cd1e489df
-
SHA1
bf8df765b16c756e2f6d0ea4034d7c8366eb3794
-
SHA256
66b1580426a8b8bcfa79ffcbdc1f8e94bd22cf6643dd3f3ff519d30712e4db73
-
SHA512
c2e67c8b8a0c91401bc497eca04196b5f0d9a91bf64d97d2bc186c88438d8abc945cb82cc9639ee0a5573858c943beebe7fdf72118b2bdb397a104426d71c0cc
Static task
static1
Behavioral task
behavioral1
Sample
66b1580426a8b8bcfa79ffcbdc1f8e94bd22cf6643dd3f3ff519d30712e4db73.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
66b1580426a8b8bcfa79ffcbdc1f8e94bd22cf6643dd3f3ff519d30712e4db73.exe
Resource
win10v20201028
Malware Config
Targets
-
-
Target
66b1580426a8b8bcfa79ffcbdc1f8e94bd22cf6643dd3f3ff519d30712e4db73
-
Size
1.3MB
-
MD5
672c168d4320323398943d1cd1e489df
-
SHA1
bf8df765b16c756e2f6d0ea4034d7c8366eb3794
-
SHA256
66b1580426a8b8bcfa79ffcbdc1f8e94bd22cf6643dd3f3ff519d30712e4db73
-
SHA512
c2e67c8b8a0c91401bc497eca04196b5f0d9a91bf64d97d2bc186c88438d8abc945cb82cc9639ee0a5573858c943beebe7fdf72118b2bdb397a104426d71c0cc
-
ServiceHost packer
Detects ServiceHost packer used for .NET malware
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-
Suspicious use of SetThreadContext
-