General
Target: dbdc04946fa3c9c7194da3e2ffd86523.exe
Size: 3.8MB
Sample: 201125-q2vhpjfd9s
MD5: dbdc04946fa3c9c7194da3e2ffd86523
SHA1: 9b34bff78d9591ecd3ca928c54cc02d97dd42c32
SHA256: 6651e6156af086e120114fb83b10af8b07acac4b73998cf5758bb5fe17677bfc
SHA512: 0a535dec2a86039a97fb9f77e5efecba52d730584cd9b4fb6caac4152462641bd9845a72a7d72ce6cd3ab33c278cd449ce99e4c4a1eb1871dfd2fb6f82a34f30
Static task: static1
Behavioral task: behavioral1
Sample: dbdc04946fa3c9c7194da3e2ffd86523.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: dbdc04946fa3c9c7194da3e2ffd86523.exe
Resource: win10v20201028
Malware Config
Targets
Target: dbdc04946fa3c9c7194da3e2ffd86523.exe
Score: 10/10
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Modifies boot configuration data using bcdedit
- Drops file in Drivers directory
- Executes dropped EXE
- Modifies Windows Firewall
- Loads dropped DLL
- Adds Run key to start application
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- JavaScript code in executable