Static task
static1
Behavioral task
behavioral1
Sample
NEW PURCHASE ORDER.exe
Resource
win7v20201028
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
NEW PURCHASE ORDER.exe
Resource
win10v20201028
windows10_x64
0 signatures
0 seconds
General
-
Target
NEW PURCHASE ORDER.exe
-
Size
577KB
-
MD5
3080525809aefe707920c99cf4188b9a
-
SHA1
ca74f0622d9125aa89c563609ad562f82f1877c7
-
SHA256
5c490fcd927f87434dca860aa71947a31942bcabfed0adb27ab16a0fe1412fe1
-
SHA512
7abaf9d7002dbf437c991629d6cd876b69a0ee05f1fef586c3b8749cbededddc486524082c6065ad1260c0aa3c5976c2edeb9f8901dda19a1557bf0040c06eb5
Score
9/10
Malware Config
Signatures
-
Beds Protector Packer 1 IoCs
Detects Beds Protector packer used to load .NET malware.
Processes:
resource yara_rule sample beds_protector
Files
-
NEW PURCHASE ORDER.exe.exe windows x86