General
Target
tightvnc-2.8.59-gpl-setup-64bit.msi
Size
2.4MB
Sample
210524-wvxl9h292e
MD5
a85259eec8742fdd4acffcdac54cd930
SHA1
696204de2e5688356bc01bae037c3b955432acdd
SHA256
7e80a38c47a1457a35567f30a7ea515248ca391ae3d9deec48b31868af7315b0
SHA512
1b2fd5b8e723c69250d6dfe2c24bbaa80b1a8d050c4d8ca24a2e92cc7f5d284bbac711e452f727c2ce12293ccbf7a4e005f3795015626d4a20f20c49f977a6b6
Static task
static1
Behavioral task
behavioral1
Sample
tightvnc-2.8.59-gpl-setup-64bit.msi
Resource
win7v20210408
Behavioral task
behavioral2
Sample
tightvnc-2.8.59-gpl-setup-64bit.msi
Resource
win10v20210410
Malware Config
Targets
Target
tightvnc-2.8.59-gpl-setup-64bit.msi
Score
8/10
Blocklisted process makes network request
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.