General
-
Target
SHIPPING DOCUMENT.exe
-
Size
21KB
-
Sample
210226-nswvatv7ls
-
MD5
7602435d3ce856276d88c70ade365e94
-
SHA1
3883c0b282e011c7954ed61e11a948511eec686f
-
SHA256
c15fd959d72ff5dd978a6e8e15877b3f41fba6a89d9bb4890287668b17d05a3c
-
SHA512
2a07de2f35a8a031adcbcd97eee3acdc46f080567a6883f4e81d2cdd3d9d78ddb28e0a8b315aa56656d253378def5331fa6e4e6bf05b9ea88a8f2509c1a00b86
Static task
static1
Behavioral task
behavioral1
Sample
SHIPPING DOCUMENT.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
SHIPPING DOCUMENT.exe
Resource
win10v20201028
Malware Config
Targets
-
-
Target
SHIPPING DOCUMENT.exe
-
Size
21KB
-
MD5
7602435d3ce856276d88c70ade365e94
-
SHA1
3883c0b282e011c7954ed61e11a948511eec686f
-
SHA256
c15fd959d72ff5dd978a6e8e15877b3f41fba6a89d9bb4890287668b17d05a3c
-
SHA512
2a07de2f35a8a031adcbcd97eee3acdc46f080567a6883f4e81d2cdd3d9d78ddb28e0a8b315aa56656d253378def5331fa6e4e6bf05b9ea88a8f2509c1a00b86
Score10/10-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-