General
-
Target
b66d115512ea956db9993f91a3349777
-
Size
14.0MB
-
Sample
201214-63q3h4g182
-
MD5
b66d115512ea956db9993f91a3349777
-
SHA1
113b9cffc62fdced336e71ce7dad47e4649acd01
-
SHA256
92d58ed3de4b25d0508ca5b3afe6ef6c5e4e15eed2779986d6940126e7eecfda
-
SHA512
24cd97820000849f3034f6524943e8a06c0b88b34a9ea6254d3b730044b92f66f738a72d02265d1be2019905a032528c4005765c611abc57cdaefae5d474e22b
Static task
static1
Behavioral task
behavioral1
Sample
b66d115512ea956db9993f91a3349777.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
b66d115512ea956db9993f91a3349777.exe
Resource
win10v20201028
Malware Config
Targets
-
Target
b66d115512ea956db9993f91a3349777
Score
10/10
-
Creates new service(s)
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Sets service image path in registry
-
Deletes itself
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-