General
-
Target
SecuriteInfo.com.Mal.Generic-S.15611.8549
-
Size
3.9MB
-
Sample
201109-n3697t386s
-
MD5
f6b72a826a885d982df7d5648e37b62c
-
SHA1
9feeba171ef18d1bb68e4f185c1af7c6d4b1eae6
-
SHA256
c006abbb1bae333e5973f9c419bfd9c3c721698cf2cf3ffbd1048fdfb4de811b
-
SHA512
2c52277b03cec9f08861dbebb5df24d9510b02312487a108c2d2411fba1799629e0914276dac84ee6a160ae9b8e34a7f4621dbe4fdf171d44ae1d8d3aeb68f65
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Mal.Generic-S.15611.8549.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Mal.Generic-S.15611.8549.exe
Resource
win10v20201028
Malware Config
Targets
-
-
Target
SecuriteInfo.com.Mal.Generic-S.15611.8549
-
Size
3.9MB
-
MD5
f6b72a826a885d982df7d5648e37b62c
-
SHA1
9feeba171ef18d1bb68e4f185c1af7c6d4b1eae6
-
SHA256
c006abbb1bae333e5973f9c419bfd9c3c721698cf2cf3ffbd1048fdfb4de811b
-
SHA512
2c52277b03cec9f08861dbebb5df24d9510b02312487a108c2d2411fba1799629e0914276dac84ee6a160ae9b8e34a7f4621dbe4fdf171d44ae1d8d3aeb68f65
Score10/10-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Modifies boot configuration data using bcdedit
-
Drops file in Drivers directory
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
JavaScript code in executable
-
Modifies service
-