General
-
Target
SecuriteInfo.com.Trojan.GenericKD.46212578.16723.14032
-
Size
765KB
-
Sample
210503-2gbfzl2sgx
-
MD5
090148a4d527120eaaa7d5d2f0aa5bf1
-
SHA1
a5c6148505c3707580947351e9d07062979bb05d
-
SHA256
6bbdcec0763847706f9b75674aad231ff23afd2b212138fc630a86f69f8180d8
-
SHA512
48b9c690c51920e0119899f509d627e82866b004f456481a22e25a86d507568535e0bb858241ed8b376bc29221a233d3335cc951f694f2303423d2385aa23399
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Trojan.GenericKD.46212578.16723.14032.exe
Resource
win7v20210410
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Trojan.GenericKD.46212578.16723.14032.exe
Resource
win10v20210410
Malware Config
Extracted
oski
205.185.120.57
Targets
-
-
Target
SecuriteInfo.com.Trojan.GenericKD.46212578.16723.14032
-
Size
765KB
-
MD5
090148a4d527120eaaa7d5d2f0aa5bf1
-
SHA1
a5c6148505c3707580947351e9d07062979bb05d
-
SHA256
6bbdcec0763847706f9b75674aad231ff23afd2b212138fc630a86f69f8180d8
-
SHA512
48b9c690c51920e0119899f509d627e82866b004f456481a22e25a86d507568535e0bb858241ed8b376bc29221a233d3335cc951f694f2303423d2385aa23399
Score10/10-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-