General
-
Target
SecuriteInfo.com.Trojan.MSIL.Kryptik.4625f314.19991.25291
-
Size
897KB
-
Sample
210505-deqzqzqch2
-
MD5
9f910ba7ff05efd30eb1c2316bb488e0
-
SHA1
3b428f5cf8b0c43b8b63bbaf728669a83f66458e
-
SHA256
0c2f78458061b2e848305409a90351eff2c4c31eed1a4667b6366bfdc43ef52a
-
SHA512
5f6300857bce04ef5e883bb219d3f2257acdada1c29cec9dff0d438a8190f784b0c7bde44dbe80adb7f28fefe03c9ec57d0300066bed46b838a91d92a3f7c189
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Trojan.MSIL.Kryptik.4625f314.19991.25291.exe
Resource
win7v20210408
Malware Config
Targets
-
-
Target
SecuriteInfo.com.Trojan.MSIL.Kryptik.4625f314.19991.25291
-
Size
897KB
-
MD5
9f910ba7ff05efd30eb1c2316bb488e0
-
SHA1
3b428f5cf8b0c43b8b63bbaf728669a83f66458e
-
SHA256
0c2f78458061b2e848305409a90351eff2c4c31eed1a4667b6366bfdc43ef52a
-
SHA512
5f6300857bce04ef5e883bb219d3f2257acdada1c29cec9dff0d438a8190f784b0c7bde44dbe80adb7f28fefe03c9ec57d0300066bed46b838a91d92a3f7c189
-
Executes dropped EXE
-
Loads dropped DLL
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-
Suspicious use of SetThreadContext
-