General
Target: New Doc 20211401#_our new price.exe
Size: 96KB
Sample: 210121-xnrd5j3bxe
MD5: 14a7ac7e8a7cc68ee2040ea5f3bb145e
SHA1: e7eabd570ec2dce1203d013a11599a8c627b527a
SHA256: cb3e82e9c93c6b7b44dd782d26d22ad26f323176f8662642397d6d271754768d
SHA512: ad59b75bbf9caea440cb8f45cce3b6107db9898455f017265f110ae3edc510bb20edd4f9a506d4c28a890fb11b006d1a2503c20fb18d3bfd6358b155880ddee4
Static task: static1
Behavioral task: behavioral1
Sample: New Doc 20211401#_our new price.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: New Doc 20211401#_our new price.exe
Resource: win10v20201028
Malware Config
Targets
Target: New Doc 20211401#_our new price.exe
Score: 10/10
Adds Run key to start application
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext