General
Target: 6040ccde5d8cb56331d3f3c3.zip
Size: 5.8MB
Sample: 210304-31cq77qcen
MD5: 829233c296aa59ff4c2b56018464a6de
SHA1: 682ba27aba00f3ab582b6c6a75201f923ce5541a
SHA256: 5d97127302fd36f004e1a29c4e2cd8583ae6940fe5f16d1c8454885ae288cd8b
SHA512: 71abc041284b8a1696024345953a4eefdd58781fcc0051474947efc1ea2b19698bc97d23d4a68dbfc5102f59f370d0e4c803a3bf5c00a553b0a02b52657724c0
Static task: static1
Behavioral task: behavioral1
Sample: START_ME.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: START_ME.exe
Resource: win10v20201028
Malware Config
Targets
Target: START_ME.exe
Size: 981KB
MD5: e3484a2aa73999f679732235728cc7e0
SHA1: 800d1156db2a05ad9856741588cedb6b56185ac3
SHA256: 343a5cbc98aff11e7d0ec6582e953df9bf3f0ecd41bead7365f13a382d64721e
SHA512: 02eaf2e42898430fd08a82bd7c43d297ec188d4d98495c73059923a75c40b58d2a7def37b84e13ac8de8fca88175284121634a71ea187171dbb283dd366dabd9
Score: 10/10
Suspicious use of NtCreateProcessExOtherParentProcess
Executes dropped EXE
Loads dropped DLL