General
-
Target
5560c8468ec7ad1cd3c87530cfac9c36
-
Size
11.1MB
-
Sample
201117-ychhzmcymx
-
MD5
8ab4edb11fd7f47955924fb1b1445482
-
SHA1
4f9e86ae3fa5f8be3d6b9b8db937c2b73359fee9
-
SHA256
29c4de280ceb33f0e9374185fad275661979f9a787b5517dee6dd3b7679628d8
-
SHA512
effca221a5c59d61089529b6909321cac49446f5344c5835e6a77d515fcea967c2279122476b92e198c7b4719b9085e0586995a4767e321aea24aa4f25f9868c
Static task
static1
Behavioral task
behavioral1
Sample
5560c8468ec7ad1cd3c87530cfac9c36.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
5560c8468ec7ad1cd3c87530cfac9c36.exe
Resource
win10v20201028
Malware Config
Targets
-
-
Target
5560c8468ec7ad1cd3c87530cfac9c36
Score
9/10
-
ServiceHost packer
Detects ServiceHost packer used for .NET malware
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-