General
Target: FTS_DeskUpdate_5010064_1238864.EXE
Size: 73.1MB
Sample: 201117-hjy12g3zj6
MD5: f642c9bff4583f2eb7ef55211a1d8f29
SHA1: f261437de769225e5e7bc1f6a1b0a40cd569db9d
SHA256: 1d87ded4bf597d3087a86bbc2b69b297c1ab9a6c770446e6b1dde4345f131d06
SHA512: 1afaca92887e818efd4a595ae50487501e150414bb14f908503dd9b04331f1b950d3da1bad025fa43897a71623a974afaa07f7ff28464eb0c72c65c293aae77c
Static task: static1
Behavioral task: behavioral1
  Sample: FTS_DeskUpdate_5010064_1238864.EXE
  Resource: win7v20201028
Behavioral task: behavioral2
  Sample: FTS_DeskUpdate_5010064_1238864.EXE
  Resource: win10v20201028
Malware Config
Targets
Target: FTS_DeskUpdate_5010064_1238864.EXE
Score: 8/10
Executes dropped EXE
Loads dropped DLL
Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
JavaScript code in executable
Drops file in System32 directory