General
Target: WinRAR.exe
Size: 4.0MB
Sample: 210120-xk92jf4fys
MD5: c930f328b5b3894feced92d04908b256
SHA1: 79eaa3e5457cff7ad64147a4178b0e7aad732101
SHA256: 72239d0cba7a80895957b43d854680fb2fefbaa8b1f68b001ce5905c32ddcde1
SHA512: db6d5d81a495874a12b37546541b6a7dce63b43960a5a7a52fa5b3bd87af2067e8aed5daf13c0a6f11f2230b61a369973d18921761a403222054d38ba2fe330f
Static task: static1
Behavioral task: behavioral1
Sample: WinRAR.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: WinRAR.exe
Resource: win10v20201028
Malware Config
Targets
Target: WinRAR.exe
Score: 10/10
StrongPity
StrongPity is spyware developed by the PROMETHIUM APT group, mainly used in government-sponsored attacks.
- StrongPity Spyware
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- JavaScript code in executable