General
Target: b0ef9fcbeb328309d351e64c5a9d9b28
Size: 12.6MB
Sample: 201214-rhb6rmn8me
MD5: b0ef9fcbeb328309d351e64c5a9d9b28
SHA1: 300fd154888d07410f05d93617af4ea2087ff7d3
SHA256: 09519dcbbda00e527d6e23fa992978426938709819a7dd9cd9bd114ecdb915c9
SHA512: a10b85f67fc87e579420141436195d91288b58fa105552f5d8abe670248d583f7ec18999238662ea267b03dd2b38e322b41cac8344b498fa1556c903563fd2a6
Static task: static1
Behavioral task: behavioral1
Sample: b0ef9fcbeb328309d351e64c5a9d9b28.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: b0ef9fcbeb328309d351e64c5a9d9b28.exe
Resource: win10v20201028
Malware Config
Targets
Target: b0ef9fcbeb328309d351e64c5a9d9b28
Score: 10/10
Creates new service(s)
Executes dropped EXE
Modifies Windows Firewall
Sets service image path in registry
Deletes itself
Suspicious use of SetThreadContext