Static task
static1
Behavioral task
behavioral1
Sample
0b98faf626c10538ddd8ff786e1fb1f1cfeb6e05.exe
Resource
win7v20201028
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
0b98faf626c10538ddd8ff786e1fb1f1cfeb6e05.exe
Resource
win10v20201028
windows10_x64
0 signatures
0 seconds
General
-
Target
0b98faf626c10538ddd8ff786e1fb1f1cfeb6e05
-
Size
580KB
-
MD5
38a0b1feccc0e9321d2cd40425e7a3fe
-
SHA1
0b98faf626c10538ddd8ff786e1fb1f1cfeb6e05
-
SHA256
f5d1f03033f55a7d779d07e11a876447abd4ae01aed58482706f6879931cf68c
-
SHA512
08aa1cd18fb0d8b0c87175dbf24c70cddf4fc27314405ac319a2185fe3e2cdd4f0b61810ba11108b57e63102eb86fe6200b7a7d0582b985c7446599e313575f0
Score
9/10
Malware Config
Signatures
-
Beds Protector Packer 1 IoCs
Detects Beds Protector packer used to load .NET malware.
Processes:
resource yara_rule sample beds_protector
Files
-
0b98faf626c10538ddd8ff786e1fb1f1cfeb6e05.exe windows x86