General
Target: lfahe1.cab
Size: 523KB
Sample: 201109-4ry1jth3zn
MD5: 4f74df55ff11ae52b59a5ae086593347
SHA1: b0f465a36e86e11ce00756e7e81b679bd9f98c29
SHA256: de342d1a4e8dd15037b9b5e859bb57e2e8db8987957cc232ce545db5610ce0e3
SHA512: 4a0bd09d0428a0df5a675d74d2fe40e4c05c74a78bd34dcb1bb5dd23f1da70e0ee2ac0f4de04cb8c19478065835c90b8e9373579c054786c98ef3896d772a3e2
Static task: static1
Behavioral task: behavioral1
Sample: lfahe1.cab.dll
Resource: win7v20201028
Malware Config
Targets
-
-
Target
lfahe1.cab
-
Suspicious use of NtCreateProcessExOtherParentProcess
-
Valak JavaScript Loader
-
ServiceHost packer
Detects ServiceHost packer used for .NET malware
-
JavaScript code in executable
-