General
-
Target
SecuriteInfo.com.Mal.Generic-S.5505.24553
-
Size
3.8MB
-
Sample
201118-dnmqavd5jx
-
MD5
35dae9b5746fdab6e4a74172f69f9e49
-
SHA1
438dfef4a69d6c74c142a8c0b63846c32abce6a2
-
SHA256
f92deb731182f4a89fe3d358a5a5cd35ac180d2fc2e5da390e6dc77c41627c84
-
SHA512
078c93c577204c5c9885a6ef0872406151020921cfdfeaa999d89357442ca01052da1db15c1fa445649bfa1d234641b1e1673a70133e5cab06f2507629e8ca81
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Mal.Generic-S.5505.24553.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Mal.Generic-S.5505.24553.exe
Resource
win10v20201028
Malware Config
Targets
-
-
Target
SecuriteInfo.com.Mal.Generic-S.5505.24553
-
Size
3.8MB
-
MD5
35dae9b5746fdab6e4a74172f69f9e49
-
SHA1
438dfef4a69d6c74c142a8c0b63846c32abce6a2
-
SHA256
f92deb731182f4a89fe3d358a5a5cd35ac180d2fc2e5da390e6dc77c41627c84
-
SHA512
078c93c577204c5c9885a6ef0872406151020921cfdfeaa999d89357442ca01052da1db15c1fa445649bfa1d234641b1e1673a70133e5cab06f2507629e8ca81
Score10/10-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Modifies boot configuration data using bcdedit
-
Drops file in Drivers directory
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
JavaScript code in executable
-
Modifies service
-