General
Target: 6bf5762fcefef0fde8ad24028d3c4c3c
Size: 11.3MB
Sample: 201117-nlg21jmz86
MD5: b8627712608289241fbe66b7aa044b79
SHA1: dd1ce2be81f75c51aa989d99932114ee7dd8b0a1
SHA256: 02d0008536e64f889feea39fe3097574ad443ca27cf5314a11feb42059ca3b8a
SHA512: efa150c2dd14034c803c352dff265cd0106393bce55bf5f321d519f1f7ed3b3d9299e713590f174d9b715261af593ff753e7f5b1f61f29299eff1b5425a2d931
Static task: static1
Behavioral task: behavioral1
Sample: 6bf5762fcefef0fde8ad24028d3c4c3c.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: 6bf5762fcefef0fde8ad24028d3c4c3c.exe
Resource: win10v20201028
Malware Config
Targets
Target: 6bf5762fcefef0fde8ad24028d3c4c3c
Score: 9/10
ServiceHost packer: Detects ServiceHost packer used for .NET malware
Executes dropped EXE
Loads dropped DLL
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.