General
Target: b5c0d38dbf30c0db0bab6b5e9e6830ed
Size: 11.6MB
Sample: 201214-wf7phte99a
MD5: b5c0d38dbf30c0db0bab6b5e9e6830ed
SHA1: 73d4487644c81ac0cdc8ba59cfbe4b610d02ac4d
SHA256: 31e02e3b5a2080405d23e14f35aab57c675ed9e99fc813b79f9a6bc02d29dbed
SHA512: d97ec4dec0f04aef6aa1468ecd97394d29d359e125374ac53d0733b6cfe340d5f37b67c319b61a2d8132125c587b9775ea45fb2a3acdcf2983b0dfb43a94a07e
Static task: static1
Behavioral task: behavioral1
Sample: b5c0d38dbf30c0db0bab6b5e9e6830ed.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: b5c0d38dbf30c0db0bab6b5e9e6830ed.exe
Resource: win10v20201028
Malware Config
Targets
Target: b5c0d38dbf30c0db0bab6b5e9e6830ed
Score: 10/10
Creates new service(s)
Executes dropped EXE
Modifies Windows Firewall
Sets service image path in registry
Deletes itself
Drops file in System32 directory
Suspicious use of SetThreadContext