General
-
Target
order confirmation 6026022001.exe
-
Size
20KB
-
Sample
210226-ghlmx8yj36
-
MD5
a9ebeb182dacaf7bce486a6057eca4b3
-
SHA1
a120761190e19ea911ade534cfa5b306d23f1290
-
SHA256
0466e95386b646ceb150b3e44533c0f20aef85ba49757b9ec1fd1c01a47d31eb
-
SHA512
6fa85664bc6b43f1fbcd338c94a64355575e6a4c2f5ee699c72c2c1f7ae1b1c5221b8c0c12d6e17e671361d21495e68ab8c5682a09281bf01cee0e6e1338a613
Static task
static1
Behavioral task
behavioral1
Sample
order confirmation 6026022001.exe
Resource
win7v20201028
Malware Config
Targets
-
-
Target
order confirmation 6026022001.exe
-
Size
20KB
-
MD5
a9ebeb182dacaf7bce486a6057eca4b3
-
SHA1
a120761190e19ea911ade534cfa5b306d23f1290
-
SHA256
0466e95386b646ceb150b3e44533c0f20aef85ba49757b9ec1fd1c01a47d31eb
-
SHA512
6fa85664bc6b43f1fbcd338c94a64355575e6a4c2f5ee699c72c2c1f7ae1b1c5221b8c0c12d6e17e671361d21495e68ab8c5682a09281bf01cee0e6e1338a613
Score10/10-
Turns off Windows Defender SpyNet reporting
-
Nirsoft
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-