General
Target: afe8c29b5c2fd78772b1e9493f797afc
Size: 12.2MB
Sample: 201214-v5r3h3stbn
MD5: afe8c29b5c2fd78772b1e9493f797afc
SHA1: f2259cb0558077474a3e871450fff4f163890048
SHA256: f2dcddd55324726c4076627fdb38011cabcadcdfe7431c8fccd5836fbcc46a6c
SHA512: cd864beba5e1d32dce31b8f3bf7163ad428063686408ebf6df5db200ee0d6751860df22ed2903bcee266e448e3d9f4fa49d5b85fbba57a8480fabeabdcc41361
Static task: static1
Behavioral task: behavioral1
Sample: afe8c29b5c2fd78772b1e9493f797afc.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: afe8c29b5c2fd78772b1e9493f797afc.exe
Resource: win10v20201028
Malware Config
Targets
Target: afe8c29b5c2fd78772b1e9493f797afc
Score: 10/10
Creates new service(s)
Executes dropped EXE
Modifies Windows Firewall
Sets service image path in registry
Deletes itself
Suspicious use of SetThreadContext