General
Target: db3b12cf7bdfead707990ceeff2011a92f7dab94a38fe419320d31a3fd8274dc
Size: 5.0MB
Sample: 210516-7rx4flbx3j
MD5: 6d79ba975f8108d77440c5c47efd7c0a
SHA1: eb7b02421ab151d0562df4acc1b08d27fcbfe145
SHA256: db3b12cf7bdfead707990ceeff2011a92f7dab94a38fe419320d31a3fd8274dc
SHA512: b128391a51dc6fdeab7a8421b5b1504ef490018770bf82edc375d30267ca473f426fd3a2107466c3ce205e4ba92d282e98fea4bafa08b8f62c5187f68a04df18
Static task: static1
Behavioral task: behavioral1
Sample: db3b12cf7bdfead707990ceeff2011a92f7dab94a38fe419320d31a3fd8274dc.dll
Resource: win7v20210410
Behavioral task: behavioral2
Sample: db3b12cf7bdfead707990ceeff2011a92f7dab94a38fe419320d31a3fd8274dc.dll
Resource: win10v20210408
Malware Config
Targets
Target: db3b12cf7bdfead707990ceeff2011a92f7dab94a38fe419320d31a3fd8274dc
Score: 10/10
Modifies firewall policy service
Suspicious use of NtCreateProcessExOtherParentProcess
Executes dropped EXE
Drops file in System32 directory