General
-
Target
08b7f6b7fa0c3739b1d5a613acca95f0
-
Size
13.6MB
-
Sample
201214-wrf1esps9s
-
MD5
08b7f6b7fa0c3739b1d5a613acca95f0
-
SHA1
a902654e7e6a6e33783f939ba4f328d693274453
-
SHA256
152e52489425d1eec835e4898ac961f508b691de0817679d630f33b5044fe8c6
-
SHA512
561ff87e01172a1af3f5519010ec0c1eaa6a2007875c3dd9023bb6448d9d1fb6a408cf0e52ec98e9efb18babb5a05b8a2571da13e9d83d5b0951f380dd751b97
Static task
static1
Behavioral task
behavioral1
Sample
08b7f6b7fa0c3739b1d5a613acca95f0.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
08b7f6b7fa0c3739b1d5a613acca95f0.exe
Resource
win10v20201028
Malware Config
Targets
-
Target
08b7f6b7fa0c3739b1d5a613acca95f0
-
Score
10/10
-
Creates new service(s)
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Sets service image path in registry
-
Deletes itself
-
Suspicious use of SetThreadContext
-