General
Target: bab6c47622956b5426c17793f90b2967
Size: 10.6MB
Sample: 201214-betqqcamsa
MD5: bab6c47622956b5426c17793f90b2967
SHA1: f1e91228dd2812d7a6f733a1e1948efed8076007
SHA256: ac64da9df016c09cae0d4ee89dfb245c39b8347e3314f638733a6ddd6ae33bf4
SHA512: fe4a05a1ae2174cc62cf293bbaac6a8c34995a0d10067972069aa3d374f199a18f1700225e7d361fba1ab1869af59d47c958abe90ee830226f654eefe2cc6bbc
Static task: static1
Behavioral task: behavioral1
Sample: bab6c47622956b5426c17793f90b2967.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: bab6c47622956b5426c17793f90b2967.exe
Resource: win10v20201028
Malware Config
Targets
Score: 10/10
Creates new service(s)
Executes dropped EXE
Modifies Windows Firewall
Sets service image path in registry
Deletes itself
Drops file in System32 directory
Suspicious use of SetThreadContext