General
Target: db.exe
Size: 91KB
Sample: 210428-pe6cbnqjmn
MD5: 2876db1b03b557351668cd577bf09c52
SHA1: 39dea8fbb9eeb2d5e6de5af3eda87f33a857dc12
SHA256: dbeae60f2dbf75d9340775ee02002e0400bc646f9d35dc41bdef73be4da82ac5
SHA512: 398ca451179d3800a654108bc3c9556dc5bee649fdcd2ec73133ca822c46a02c676f65f7d2cd8e4625121558bf4d68b851d5c8e723c527ed89fe0207ed490e39
Static task: static1
Behavioral task: behavioral1
Sample: db.exe
Resource: win7v20210410
Malware Config
Extracted
systembc
185.33.84.190:4124
45.79.237.92:4124
Targets
Target: db.exe
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory
Suspicious use of SetThreadContext