General
Target: B23D910F08643F0C79F08297AAD168634E6F5A5552EB4.exe
Size: 394KB
Sample: 210507-y6ksexzp7j
MD5: f7533c6cdcaf5f39b1656e6d93644639
SHA1: a5720fac0e88fd0c5c717ea5bb9f451f1ef7aa43
SHA256: b23d910f08643f0c79f08297aad168634e6f5a5552eb469f4b7e0bce2b0568b5
SHA512: 5fdf0227d08eadd2238e66839c3b5b23d45db7493d9809f3db4ae3cf129a4dae10df1e98c1ebabbb8d48a7003a034bf958fb1fd34bf9f283d30903ffdb6d6e0b
Static task: static1
Behavioral task: behavioral1
Sample: B23D910F08643F0C79F08297AAD168634E6F5A5552EB4.exe
Resource: win7v20210410
Behavioral task: behavioral2
Sample: B23D910F08643F0C79F08297AAD168634E6F5A5552EB4.exe
Resource: win10v20210408
Malware Config
Targets
Target: B23D910F08643F0C79F08297AAD168634E6F5A5552EB4.exe
Score: 10/10
Suspicious use of NtCreateProcessExOtherParentProcess
Adds policy Run key to start application
Executes dropped EXE
Loads dropped DLL
Suspicious use of SetThreadContext