General
Target: b8f6d8445b9fb56c7da8b89c54e4e5108ee22f5b09f379440c5d9b48f2328f0c
Size: 160KB
Sample: 210516-xhlk2d3gpn
MD5: c13212695945649b14a5b56aa72a4c3c
SHA1: f910797389f823beb1ef88ead07dc1870684f08c
SHA256: b8f6d8445b9fb56c7da8b89c54e4e5108ee22f5b09f379440c5d9b48f2328f0c
SHA512: 1e6ac8e2347271fc90e87f71884358d11e2b5e104bb18d58311f7342a968b78297d65d06dc7c1961d83e025a5d2c77ef993a789e5923dc22d7c9fc35ca8db536
Static task: static1
Behavioral task: behavioral1
Sample: b8f6d8445b9fb56c7da8b89c54e4e5108ee22f5b09f379440c5d9b48f2328f0c.exe
Resource: win7v20210410
Malware Config
Targets
Target: b8f6d8445b9fb56c7da8b89c54e4e5108ee22f5b09f379440c5d9b48f2328f0c
Modifies firewall policy service
Suspicious use of NtCreateProcessExOtherParentProcess
Executes dropped EXE
Loads dropped DLL