General
Target
26d1c1e380e3ebf093ec1fb111b0b9f0a8499e84f7fad0c2d1a3f7be957b38b3.sample
Size
55KB
Sample
210726-erqxa5gf6j
MD5
d85c03740303592390b3826c331501f1
SHA1
a1e94bfddef5a7e6d33c79a0e563b50aca07681c
SHA256
26d1c1e380e3ebf093ec1fb111b0b9f0a8499e84f7fad0c2d1a3f7be957b38b3
SHA512
a32aef4b2f365caec735b93282ee5a8f34cd67312525c289040a35dc2efbf56a3d49dd95ed47e13ae28cc110242cf36fa74ea00a772366cca4448b18653c41db
Static task
static1
Behavioral task
behavioral1
Sample
26d1c1e380e3ebf093ec1fb111b0b9f0a8499e84f7fad0c2d1a3f7be957b38b3.sample.exe
Resource
win7v20210408
Behavioral task
behavioral2
Sample
26d1c1e380e3ebf093ec1fb111b0b9f0a8499e84f7fad0c2d1a3f7be957b38b3.sample.exe
Resource
win10v20210408
Malware Config
Targets
Target
26d1c1e380e3ebf093ec1fb111b0b9f0a8499e84f7fad0c2d1a3f7be957b38b3.sample
Score
10/10
Suspicious use of NtCreateUserProcessOtherParentProcess
Modifies boot configuration data using bcdedit
Modifies Windows Firewall
Drops startup file
Adds Run key to start application
Drops desktop.ini file(s)