General
Target: 1f7e656cf2ef6e41eecacd7f9fdd258b.exe
Size: 358KB
Sample: 210418-fd4nnf9dan
MD5: 1f7e656cf2ef6e41eecacd7f9fdd258b
SHA1: bba474e9cfc5d0c44ef61e61bfdf963c2a575cb3
SHA256: 50bd910698476cea1b75d0290d60445b8e6afb51e4fc1dbef0d11b16ef799357
SHA512: bb602cad813ef031d35295da25164f3b483a079fe2b90cc88a5e1bb73b02a2832f314778fe4d0d9baa7be562183cc32e094911b918e8a68fba007d8043f3bae0
Static task: static1
Behavioral task: behavioral1
Sample: 1f7e656cf2ef6e41eecacd7f9fdd258b.exe
Resource: win7v20210408
Malware Config
Targets
Target: 1f7e656cf2ef6e41eecacd7f9fdd258b.exe
- Suspicious use of NtCreateProcessExOtherParentProcess
- Taurus Stealer Payload
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.