General
-
Target
508a1a0a90a6386e7c25ee6d301568d0fa5b3d900bb22e84d7bbf885a01eaaa6
-
Size
2.8MB
-
Sample
210513-krec6yllja
-
MD5
b8954cf8459693343ef1d16ed643a975
-
SHA1
8c153541354d3365a8eabd5b541b4e1dadcf9095
-
SHA256
508a1a0a90a6386e7c25ee6d301568d0fa5b3d900bb22e84d7bbf885a01eaaa6
-
SHA512
aac83096a400cf00b031787f7d31b4fb5ebc965cad6ab8698ddef3a1672608293ef5e52ca3f0bed206b3e4c19e329831503835b66f61803e00c5d03b059cfa06
Static task
static1
Behavioral task
behavioral1
Sample
508a1a0a90a6386e7c25ee6d301568d0fa5b3d900bb22e84d7bbf885a01eaaa6.exe
Resource
win7v20210410
Behavioral task
behavioral2
Sample
508a1a0a90a6386e7c25ee6d301568d0fa5b3d900bb22e84d7bbf885a01eaaa6.exe
Resource
win10v20210410
Malware Config
Targets
-
-
Target
508a1a0a90a6386e7c25ee6d301568d0fa5b3d900bb22e84d7bbf885a01eaaa6
-
Size
2.8MB
-
MD5
b8954cf8459693343ef1d16ed643a975
-
SHA1
8c153541354d3365a8eabd5b541b4e1dadcf9095
-
SHA256
508a1a0a90a6386e7c25ee6d301568d0fa5b3d900bb22e84d7bbf885a01eaaa6
-
SHA512
aac83096a400cf00b031787f7d31b4fb5ebc965cad6ab8698ddef3a1672608293ef5e52ca3f0bed206b3e4c19e329831503835b66f61803e00c5d03b059cfa06
Score10/10-
Suspicious use of NtCreateProcessExOtherParentProcess
-
Drops desktop.ini file(s)
-