General
-
Target
Inv_36571_VIC_Pty_Ltd.arj.arj
-
Size
362KB
-
Sample
210408-7nrfwm18xx
-
MD5
152655e4278176eb7e80373c92452584
-
SHA1
0ce7df22f07c014427ba78a598509da1ff50e8dd
-
SHA256
26f59408ce806ef0d84a40355181e1ba65cf8c49acf413e350527841f5e7924e
-
SHA512
872bca5e730f394975ba83ad51d2082af8e1e31dfeeb634fda921c7b69827731fe066689c45d8e8e787846491a8c919b1d678791a194557e46fa3e6ac1653ea2
Static task
static1
Behavioral task
behavioral1
Sample
Inv_36571_VIC_Pty_Ltd.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
Inv_36571_VIC_Pty_Ltd.exe
Resource
win10v20201028
Malware Config
Targets
-
-
Target
Inv_36571_VIC_Pty_Ltd.exe
-
Size
580KB
-
MD5
5b1363c3b88bd52a0f4044b51c0791d8
-
SHA1
3b1b46eb883c1b79e403e12c3157b6423f13af07
-
SHA256
04b5f5af6b41722e400498a6540445cfcc1c056b328401eb662fb4d29ee02a5d
-
SHA512
1370e1814663c433cb6c8b69b382e6ac1da1b55ca56aed1b9575d19957b32bd5d2b7835cbf6105e4ec8f2a8acd335dcea0697db123068c7e635b35a087117bd0
Score8/10-
Executes dropped EXE
-
Loads dropped DLL
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-
Adds Run key to start application
-