General
-
Target
confirmación de solicitud de documento DOC.ex.exe
-
Size
628KB
-
Sample
210421-rt8raskqb2
-
MD5
f92cfccc787573ad96e73fe5df999ebc
-
SHA1
8213016a7c85c3ca70f30b9afdc60d3d6e4c82cc
-
SHA256
6c2ca93949c6c8463079056deb121abcaea9934dcd860024624a4b0d53093204
-
SHA512
631163c9150eb79d001859d46df7b8df184c98c2ead25332a179642a681f5bea890094d935fb4299d2691b2fc82188e180bd96a89767cf68c3dd08b95257385f
Static task
static1
Behavioral task
behavioral1
Sample
confirmación de solicitud de documento DOC.ex.exe
Resource
win7v20210410
Behavioral task
behavioral2
Sample
confirmación de solicitud de documento DOC.ex.exe
Resource
win10v20210410
Malware Config
Targets
-
-
Target
confirmación de solicitud de documento DOC.ex.exe
-
Size
628KB
-
MD5
f92cfccc787573ad96e73fe5df999ebc
-
SHA1
8213016a7c85c3ca70f30b9afdc60d3d6e4c82cc
-
SHA256
6c2ca93949c6c8463079056deb121abcaea9934dcd860024624a4b0d53093204
-
SHA512
631163c9150eb79d001859d46df7b8df184c98c2ead25332a179642a681f5bea890094d935fb4299d2691b2fc82188e180bd96a89767cf68c3dd08b95257385f
Score8/10-
Blocklisted process makes network request
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-