General
Target: 94b93992e4968d36b4366673815847ed
Size: 12.5MB
Sample: 201117-xngnh9tq4e
MD5: 095d2b42824e3e91facbfd195c6dcbfa
SHA1: 5ce029af0dd1037c834800f46cfc7d33ee96cf8f
SHA256: f9c509c0e06a6c3677f248f69abed6831d600434e509cb27ed38f9682875bf9a
SHA512: d51e5e8f68e294bbfce95ecafef8039aa9cd133fcbe15837928379ff3f7f6d1a5d0cc696b826c7f5035d063dd55835634dea5170b089f6fec706f5673dceed11
Static task: static1
Behavioral task: behavioral1
Sample: 94b93992e4968d36b4366673815847ed.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: 94b93992e4968d36b4366673815847ed.exe
Resource: win10v20201028
Malware Config
Targets
Target: 94b93992e4968d36b4366673815847ed
Score: 9/10
ServiceHost packer: Detects ServiceHost packer used for .NET malware
Executes dropped EXE
Loads dropped DLL
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
Drops file in System32 directory