General
Target: product supplies 10589TW.exe
Size: 798KB
Sample: 210118-z26c1z8v1a
MD5: 5183d09c051bcf6de86a31c4a4ad059f
SHA1: da44abcebcab017f6e13a9acf1556ef4ab07b4d4
SHA256: 2a632fa3436f40c7901873fe1ef196c9d4560ea37935fbe123259302fdd043c9
SHA512: 3d5212a5de1bec0716ab61840b1a6a35947cb38dfa533ffe83b9e08107d8cc4e9d52d5f82f674ba26a88007532ca0c2a9cf282375467a965056893b1c6118f39
Static task: static1
Behavioral task: behavioral1
Sample: product supplies 10589TW.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: product supplies 10589TW.exe
Resource: win10v20201028
Malware Config
Targets
Target: product supplies 10589TW.exe
Score: 8/10
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Suspicious use of SetThreadContext