General
-
Target
98cc178853bbe4b0816e4c1b5ea322f99580491e63ef38c974ad4b8fbbf3a5ac
-
Size
2.6MB
-
Sample
210515-1b1mn2dyj6
-
MD5
ba4e7f59ea2ec484a7de3a2acb1f2a3a
-
SHA1
7d31763ff33687408e2c479e61acc140bb178bd1
-
SHA256
98cc178853bbe4b0816e4c1b5ea322f99580491e63ef38c974ad4b8fbbf3a5ac
-
SHA512
efc762b1be7a1c31d85fbd78838a9c4495c894d7fcfe61827565f2feb7008a4f146c13198e34e8b4b07fb9578338aba5353e1592d9e45aed8e130eab22324e98
Malware Config
Targets
-
-
Target
98cc178853bbe4b0816e4c1b5ea322f99580491e63ef38c974ad4b8fbbf3a5ac
-
Size
2.6MB
-
MD5
ba4e7f59ea2ec484a7de3a2acb1f2a3a
-
SHA1
7d31763ff33687408e2c479e61acc140bb178bd1
-
SHA256
98cc178853bbe4b0816e4c1b5ea322f99580491e63ef38c974ad4b8fbbf3a5ac
-
SHA512
efc762b1be7a1c31d85fbd78838a9c4495c894d7fcfe61827565f2feb7008a4f146c13198e34e8b4b07fb9578338aba5353e1592d9e45aed8e130eab22324e98
Score8/10-
Executes dropped EXE
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Loads dropped DLL
-
Themida packer
Detects Themida, an advanced Windows software protection system.
-
Adds Run key to start application
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-