General
Target: launch.exe
Size: 11.1MB
Sample: 210219-ac9gy5hh8a
MD5: 2d5e460a3901dca05e2136caf6bd1e6a
SHA1: 67867efd77da99bd352bf8e41ad389b32a3ed754
SHA256: 245cef96892734f37f495d0a1f189e8f9b66ba4d23a2a8f457c0adb2c9240e74
SHA512: dad3d506451a4ea568ee92ec8c10be6db9cbbd11c5a6b193b7ed282a336d93e6d793fa4d98169010f0cb401b244b9b49fbcfd7bd97d724ed838ad4a31b53c3c1
Static task: static1
Behavioral task: behavioral1
Sample: launch.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: launch.exe
Resource: win10v20201028
Malware Config
Targets
Target: launch.exe
Score: 8/10
Drops file in Drivers directory
Executes dropped EXE
Adds Run key to start application
Drops file in System32 directory
Suspicious use of NtSetInformationThreadHideFromDebugger