General
Target
b4d9f0cb213707065776e51bc23f2bad
Size
12.6MB
Sample
201214-kghakaws22
MD5
b4d9f0cb213707065776e51bc23f2bad
SHA1
f20253f8be90711a0986bdee33a9c061e38c8790
SHA256
970547ed157ac695b887a3e8d0d657080d5703e8f9b0eced3295d6fa7a950e0d
SHA512
06838656b9f9ecb18c0b5451e69b1d69a26dc1feb0bc8e0d1d84495829618e72b71d8ffdb03d184d3cbfd4521999b0c6f4cee6afacce72b470516874faceda61
Static task
static1
Behavioral task
behavioral1
Sample
b4d9f0cb213707065776e51bc23f2bad.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
b4d9f0cb213707065776e51bc23f2bad.exe
Resource
win10v20201028
Malware Config
Targets
Target
b4d9f0cb213707065776e51bc23f2bad
Score
10/10
Creates new service(s)
Executes dropped EXE
Modifies Windows Firewall
Sets service image path in registry
Deletes itself
Drops file in System32 directory
Suspicious use of SetThreadContext