General
Target: TT-4.exe
Size: 307KB
Sample: 210627-ptyyendgzx
MD5: 19295d360b9ca2678d757d87d9445a65
SHA1: ac9d2e9364f8914004af53406627e04fc8ce2b9d
SHA256: f6baf2cbb7e86d3c1e140b0cc62dec7de55cc5359eeee7eda6f21ce0a00c13e9
SHA512: 25af690a903a1cac3716bfe347dd5ef3f68b2cf5da227603b37d003e47a0b6394a77d69b48a9b430cbbbf9f309a4c8eff3eee58d13326b99c755d399c892c156
Static task: static1
Behavioral task: behavioral1
Sample: TT-4.exe
Resource: win7v20210410
Behavioral task: behavioral2
Sample: TT-4.exe
Resource: win10v20210410
Malware Config
Targets
Target: TT-4.exe
Score: 8/10
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Suspicious use of SetThreadContext