General
Target: 4d38a406-a252-441f-ba6b-a30dc933916e.zip
Size: 1.1MB
Sample: 210302-npwx8es142
MD5: 56de284fe5de62f4d41d3c6a7087071b
SHA1: 71cab95b8697e6d43c2955469cb884ce5fddb3c2
SHA256: fe1061f7940953bca5390713e75fdae049a5049abb12daee2bc42dc82d0fddf1
SHA512: f2b027eaa5bc47292420bd4e87d54e02b322c429876c52b3ef15e85d32fac234ebe57cee34ed86cc4924d70b99d2dbafc36367d303644f7a29d85f069e8bc0d1
Static task: static1
Behavioral task: behavioral1
Sample: $Recycle.Bin/S-1-5-21-1063017186-617417581-1783442191-77788/$R31D8M9.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: $Recycle.Bin/S-1-5-21-1063017186-617417581-1783442191-77788/$R31D8M9.exe
Resource: win10v20201028
Malware Config
Targets
Target: $Recycle.Bin/S-1-5-21-1063017186-617417581-1783442191-77788/$R31D8M9.exe
Size: 1.2MB
MD5: 8ef93a4d8de454de68f7bb2dee940109
SHA1: ffddbb8283cf91cd97c05f635ccaf4cce9b02cd3
SHA256: edcbe7f4691ca8bebc33b7b24c7dede243daf81ba8eec329aeadf71c8af1b305
SHA512: cd4838e2dbd267bf8ae0ec69be08ddac7c2b4580dcfdd3db834bc39995b32e4e1303112419ed887d664f62f1341443ccfa05150404bb8adc71859d57cdf943a1
Score: 8/10
Executes dropped EXE

Patched UPX-packed file
Sample is packed with UPX but required header fields are zeroed out to prevent unpacking with the default UPX tool.

Loads dropped DLL

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.