General
-
Target
0720a1760ad35b21d11f219b1296495e.exe
-
Size
2.4MB
-
Sample
210726-46c175t9l6
-
MD5
0720a1760ad35b21d11f219b1296495e
-
SHA1
b56990e97f273697e8e83970035cddf9882721fd
-
SHA256
42b69d127811ca7706dde5099f967a1502a3192cf4e3d4b0b7cf5660959f7d07
-
SHA512
9daad20d9934e2d8aa441146e4c28bdfb08dfa08d68becf42bb67c7d50a2b8f990a639583ea96b32e142cb99aa672658eb66a28208375aa33c1f573551090328
Static task
static1
Behavioral task
behavioral1
Sample
0720a1760ad35b21d11f219b1296495e.exe
Resource
win7v20210410
Behavioral task
behavioral2
Sample
0720a1760ad35b21d11f219b1296495e.exe
Resource
win10v20210408
Malware Config
Targets
-
-
Target
0720a1760ad35b21d11f219b1296495e.exe
-
Size
2.4MB
-
MD5
0720a1760ad35b21d11f219b1296495e
-
SHA1
b56990e97f273697e8e83970035cddf9882721fd
-
SHA256
42b69d127811ca7706dde5099f967a1502a3192cf4e3d4b0b7cf5660959f7d07
-
SHA512
9daad20d9934e2d8aa441146e4c28bdfb08dfa08d68becf42bb67c7d50a2b8f990a639583ea96b32e142cb99aa672658eb66a28208375aa33c1f573551090328
Score7/10-
Drops startup file
-
Loads dropped DLL
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
autoit_exe
AutoIT scripts compiled to PE executables.
-