General
-
Target
bbb0a4f942a2b080cdf71bc38a8518a8
-
Size
12.2MB
-
Sample
201214-g5t2ef942e
-
MD5
bbb0a4f942a2b080cdf71bc38a8518a8
-
SHA1
70b3fc91640e9f9867adf924ead9290023cfae4c
-
SHA256
aa95f8cd1b28d2d1065ac290edc78f0ac8d00b3863f52c084a06155202d96c0a
-
SHA512
3cea9d0a723ed744d6fe5afb1c7c4f745efe9565ebc1acf532eba983feab25ce2b9940d980b1e7a8d67d15c0142e3b74cb57344dd95e561ce3d8b7d465a7e470
Static task
static1
Behavioral task
behavioral1
Sample
bbb0a4f942a2b080cdf71bc38a8518a8.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
bbb0a4f942a2b080cdf71bc38a8518a8.exe
Resource
win10v20201028
Malware Config
Targets
Target
bbb0a4f942a2b080cdf71bc38a8518a8
-
Score
10/10
-
Creates new service(s)
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Sets service image path in registry
-
Deletes itself
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-