General
Target: EcV01.04.R.exe
Size: 5.3MB
Sample: 201112-qs93lctlaa
MD5: dc363cbc7660992d9642c9f560373375
SHA1: ab398f6df5dcc79980c4f04178c5449c6cb30da6
SHA256: e596d6af81ecbb9fb5903c85ecacade2aa806482fcb6700699e69e676d342b0c
SHA512: 4375ef9a732e540b1ed211d107e66f19791df3d8cdbe67e9288b004483eef4c5b733e59d12d1bd5aedd65e658c64cdd96790079ce90296c984ea9b156ae09228
Static task: static1
Behavioral task: behavioral1
Sample: EcV01.04.R.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: EcV01.04.R.exe
Resource: win10v20201028
Malware Config
Targets
Target: EcV01.04.R.exe
Score: 8/10
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
JavaScript code in executable
Drops file in System32 directory
Modifies service