General
Target: 96d7b2f6f6f13ab8b971a95a7513c547.exe
Size: 1.1MB
Sample: 210412-1l2pkdj8q6
MD5: 96d7b2f6f6f13ab8b971a95a7513c547
SHA1: 5cc439b858fb5fc55eff74a5e3939a5d2dcc3e36
SHA256: 0ae02edbc714dfd70bc71151c585d12d35b407c831ea5c9abf5c32376ce14a45
SHA512: 3fc4e92c849ecbe4e4f767f65f0ec468d2ba6e62a01d30ac6d908042c0ec08cef5e5448f32b5b3d0c8c832c07470fbc60e948cd84ca59442d5a2b9790aa82e72
Static task: static1
Behavioral task: behavioral1
Sample: 96d7b2f6f6f13ab8b971a95a7513c547.exe
Resource: win7v20210410
Malware Config
Targets
Suspicious use of NtCreateProcessExOtherParentProcess
Deletes itself
Loads dropped DLL
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.