General
Target: f9d886d091d96c96cc24949f988ff3a7
Size: 12.3MB
Sample: 201214-tsg1rxrkbj
MD5: f9d886d091d96c96cc24949f988ff3a7
SHA1: 37ee93ecf629f009e8d8e1eefc5c7511d1e87c33
SHA256: 71f4ed14754453be26ce5dd9cf9fe487ca3a242d22647fe53906aa50f344346f
SHA512: 99ef2552c4ddd4db73f1562a838fc1edcb51059b9e5a2ff6feca54a59daff1b293403a9fbb512422d31f16538c74ae0d1fe9e511e0b19897b9c4c8087cb1dca2
Static task: static1
Behavioral task: behavioral1
Sample: f9d886d091d96c96cc24949f988ff3a7.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: f9d886d091d96c96cc24949f988ff3a7.exe
Resource: win10v20201028
Malware Config
Targets
Target: f9d886d091d96c96cc24949f988ff3a7
Score: 10/10
Creates new service(s)
Executes dropped EXE
Modifies Windows Firewall
Sets service image path in registry
Deletes itself
Drops file in System32 directory
Suspicious use of SetThreadContext