Overview
overview
9Static
static
ﱞﱞﱞï...ﱞﱞ
windows10_x64
9ﱞﱞﱞï...ฺฺ
windows10_x64
9ﱞﱞﱞï...ﱞﱞ
windows10_x64
9ﱞﱞﱞï...ﱞﱞ
windows10_x64
9ﱞﱞﱞï...ﱞﱞ
windows7_x64
9win102
windows10_x64
9win104
windows10_x64
9win105
windows10_x64
9win106
windows10_x64
9win103
windows10_x64
9win101
windows10_x64
9win100
windows10_x64
9General
-
Target
Install.exe
-
Size
497KB
-
Sample
210503-sm43bn67nn
-
MD5
41a5f4fd1ea7cac4aa94a87aebccfef0
-
SHA1
0d0abf079413a4c773754bf4fda338dc5b9a8ddc
-
SHA256
97e95e99fd499ec45a7c1d8683d5731ce5e7a8fb8b710622e578cd169a00d8d9
-
SHA512
5ca14bda498f26efff4e1179969b8f2c25244063c7bf25f3ec20b5cd24b5be320bbfb8b3d0b2d66f5c5b415da777a766fece5f251a4247773c6cb991417fb75f
Static task
static1
Behavioral task
behavioral1
Sample
Install.exe
Resource
win10v20210410
Behavioral task
behavioral2
Sample
Install.exe
Resource
win10v20210408
Behavioral task
behavioral3
Sample
Install.exe
Resource
win10v20210410
Behavioral task
behavioral4
Sample
Install.exe
Resource
win10v20210408
Behavioral task
behavioral5
Sample
Install.exe
Resource
win7v20210410
Behavioral task
behavioral6
Sample
Install.exe
Resource
win10v20210410
Behavioral task
behavioral7
Sample
Install.exe
Resource
win10v20210408
Behavioral task
behavioral8
Sample
Install.exe
Resource
win10v20210410
Behavioral task
behavioral9
Sample
Install.exe
Resource
win10v20210408
Behavioral task
behavioral10
Sample
Install.exe
Resource
win10v20210410
Behavioral task
behavioral11
Sample
Install.exe
Resource
win10v20210408
Behavioral task
behavioral12
Sample
Install.exe
Resource
win10v20210410
Malware Config
Targets
-
-
Target
Install.exe
-
Size
497KB
-
MD5
41a5f4fd1ea7cac4aa94a87aebccfef0
-
SHA1
0d0abf079413a4c773754bf4fda338dc5b9a8ddc
-
SHA256
97e95e99fd499ec45a7c1d8683d5731ce5e7a8fb8b710622e578cd169a00d8d9
-
SHA512
5ca14bda498f26efff4e1179969b8f2c25244063c7bf25f3ec20b5cd24b5be320bbfb8b3d0b2d66f5c5b415da777a766fece5f251a4247773c6cb991417fb75f
Score9/10-
Checks for common network interception software
Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
-
Downloads MZ/PE file
-
Drops file in Drivers directory
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Legitimate hosting services abused for malware hosting/C2
-
Program crash
-