General
Target: 7ddf1c0004d5cb08afdb7a4ad2198232c584ee7c.zip
Size: 863KB
Sample: 210416-84ps4ztv8s
MD5: febbc85bbeecb2e4c097fa47f7a038b6
SHA1: 452a1dab08e83f43a7507bc408d6b82584a38b27
SHA256: a9f6ef13af75a45e21a84953e3ad505fc5f5bcd0d126ed5f8cb2bbccc5e698c1
SHA512: ef85d02e57793c7aa4f9200912d884b4481385250b22a89900e4f51c60ca2d259cdc3206892661cdddfa4df4d5f423fa5928cd65c0b7ee3e30a913f36f24ea87
Static task: static1
Behavioral task: behavioral1
Sample: 7ddf1c0004d5cb08afdb7a4ad2198232c584ee7c.exe
Resource: win7v20210410
Behavioral task: behavioral2
Sample: 7ddf1c0004d5cb08afdb7a4ad2198232c584ee7c.exe
Resource: win10v20210410
Malware Config
Targets
Target: 7ddf1c0004d5cb08afdb7a4ad2198232c584ee7c
Size: 1.4MB
MD5: 2cb8100f3ebd38a989dc97a960b86aa4
SHA1: 7ddf1c0004d5cb08afdb7a4ad2198232c584ee7c
SHA256: 1969a9dbc990ec8d4c4c9b8133a7a7ec4651f2e5af0bc1da9e6973a22f34aad3
SHA512: 2bde24565262adf6a990d09dd5d25acc4fcefb94d65cfd05d49dcf6f8daf2b7ec784cb55b0f146887e52d2c3121c2f97f01571de2cbf3a675fca9b745e168a0c
Score: 10/10
Suspicious use of NtCreateProcessExOtherParentProcess
Obfuscated with Agile.Net obfuscator: Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
Suspicious use of SetThreadContext