General
Target: 9b1e96863b1fefbb1852c9bce569a93e1e470b56a9319894a902ad1a72479ab8
Size: 13.1MB
Sample: 201115-9vqets6ses
MD5: 8ce56c9886f37230ccbd76178b28248c
SHA1: 09715923175bc58c5203ea1d2bba3db38465883a
SHA256: 9b1e96863b1fefbb1852c9bce569a93e1e470b56a9319894a902ad1a72479ab8
SHA512: be40c7ddce9e122829b07f64058002c6e6ce224a513acf391f3d0048b7fe1f20a2664927fab556bd7ae55d0ea1f897413bfa4768e4042192978954fed40b2c69
Static task: static1
Behavioral task: behavioral1
Sample: 9b1e96863b1fefbb1852c9bce569a93e1e470b56a9319894a902ad1a72479ab8.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: 9b1e96863b1fefbb1852c9bce569a93e1e470b56a9319894a902ad1a72479ab8.exe
Resource: win10v20201028
Malware Config
Targets
Target: 9b1e96863b1fefbb1852c9bce569a93e1e470b56a9319894a902ad1a72479ab8
Score: 10/10
Creates new service(s)
Executes dropped EXE
Modifies Windows Firewall
Sets service image path in registry
Deletes itself
Drops file in System32 directory
Modifies service
Suspicious use of SetThreadContext