General
Target: rween.exe
Size: 313KB
Sample: 210419-kr4ndywd5n
MD5: 1994c7dd431c88e7b71bfeec3f51d493
SHA1: 6c151e09cf1ef8db8c19aee22f22f1686cf77288
SHA256: afe81576e019af203a3b4548dcebe0ed5f9719719821fe570ef6eb31cae6cd0b
SHA512: 36f4cb0c5f78645c948ba2f2445b23bcc836ebf083e628b25360954bb30d6baa074087535906192d561004b5b008b0e519301a8eb3e313fec6c282b62d0b32d3
Static task
static1
Behavioral task
behavioral1
Sample
rween.exe
Resource
win7v20210410
Malware Config
Extracted
amadey
2.11
176.111.174.67/7Ndd3SnW/index.php
Targets
Blocklisted process makes network request
Executes dropped EXE
Loads dropped DLL