Overview

overview

9

Static

static

a57c882289...1a.exe

windows7_x64

9

a57c882289...1a.exe

windows10_x64

9

Resubmissions

07-07-2022 07:37

220707-jfvmvafbem 10

09-12-2020 10:28

201209-grdfth2a4s 9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a57c8822899013c8d0bbd87b4c36821a.exe

  • Size

    341KB

  • Sample

    201209-grdfth2a4s

  • MD5

    a57c8822899013c8d0bbd87b4c36821a

  • SHA1

    54da561ef6e0d2c368aca185ee828d67543fbf9e

  • SHA256

    ddb95e81345469771c505272274d21eb2e317ed8c46e0b679362df7cbf52ba6c

  • SHA512

    e070796a826d125787f875a587ada069799507f6fe842f05c5963d9080ee255b5a2d7097f996cfb19f9b08120beb6b47f722e17d3818ee09accdc5ae3354d247

Score
9/10

Malware Config

Targets

    • Target

      a57c8822899013c8d0bbd87b4c36821a.exe

    • Size

      341KB

    • MD5

      a57c8822899013c8d0bbd87b4c36821a

    • SHA1

      54da561ef6e0d2c368aca185ee828d67543fbf9e

    • SHA256

      ddb95e81345469771c505272274d21eb2e317ed8c46e0b679362df7cbf52ba6c

    • SHA512

      e070796a826d125787f875a587ada069799507f6fe842f05c5963d9080ee255b5a2d7097f996cfb19f9b08120beb6b47f722e17d3818ee09accdc5ae3354d247

    Score
    9/10

    • Beds Protector Packer

      Detects Beds Protector packer used to load .NET malware.

    • Drops startup file

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks