General
-
Target
1ca42da8734369d68361fa07c518ed67.exe
-
Size
23KB
-
Sample
210118-923gl9877s
-
MD5
1ca42da8734369d68361fa07c518ed67
-
SHA1
d06558d66b3db5165c9da8764869be513ea04640
-
SHA256
f343cbf47c4797cc54cbe903a5341e01495807ff51cd3262948f2f831844377d
-
SHA512
26be9cdb3499eb10c1d5917e0e4f804aca0f3aeb5266c3cdd70f224f0d8c9d2415f9ac03a36eb9e80fa972612cb13a215457bcb2aa6002a3213b1b2b30e05a0e
Static task
static1
Behavioral task
behavioral1
Sample
1ca42da8734369d68361fa07c518ed67.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
1ca42da8734369d68361fa07c518ed67.exe
Resource
win10v20201028
Malware Config
Extracted
https://cdn.discordapp.com/attachments/767786413151223842/789413987816177684/newnjjj.exe
Targets
-
-
Target
1ca42da8734369d68361fa07c518ed67.exe
-
Size
23KB
-
MD5
1ca42da8734369d68361fa07c518ed67
-
SHA1
d06558d66b3db5165c9da8764869be513ea04640
-
SHA256
f343cbf47c4797cc54cbe903a5341e01495807ff51cd3262948f2f831844377d
-
SHA512
26be9cdb3499eb10c1d5917e0e4f804aca0f3aeb5266c3cdd70f224f0d8c9d2415f9ac03a36eb9e80fa972612cb13a215457bcb2aa6002a3213b1b2b30e05a0e
Score10/10-
Blocklisted process makes network request
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Adds Run key to start application
-