General
Target: c9b5203de5dcfcacef457d81feba5f0d.exe
Size: 345KB
Sample: 210418-h8g4xz1y1e
MD5: c9b5203de5dcfcacef457d81feba5f0d
SHA1: 370c8b0935a60595b193d31a3779599a7d3b643c
SHA256: 6c5d7642a58d60f603a1931f20977219becef21e957641a250c272c3fab74b2d
SHA512: 7e33d238e2478413581afd237076f22ab0dc0c07c202161733e0f863e2d315b51f19c3b9a2b9dc049c3550abe234b80fde7c295c94d6432a9955965ed7a1385c
Static task: static1
Behavioral task: behavioral1
Sample: c9b5203de5dcfcacef457d81feba5f0d.exe
Resource: win7v20210408
Malware Config
Targets
Suspicious use of NtCreateProcessExOtherParentProcess

Taurus Stealer Payload

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.