General
-
Target
ecb5e56faaf6c280df96cec3d86139a7cc2aa1f0a2e288e2f4a08856fabc2fbe.sample
-
Size
55KB
-
Sample
210726-sqmqzcdvva
-
MD5
6b907aabe3c4b7073fe2b31ba1d8c24c
-
SHA1
1e897a0ba4f73a9fe779caceefe655b5b22c3676
-
SHA256
ecb5e56faaf6c280df96cec3d86139a7cc2aa1f0a2e288e2f4a08856fabc2fbe
-
SHA512
40f236a3459ccfd15f107a2840682cc547ce9a41a371403ea7bb4a427b0fc4e92cdf0ffa6bc44e30066c27f24fb956e41e023860df9127f017d952afaa405357
Static task
static1
Behavioral task
behavioral1
Sample
ecb5e56faaf6c280df96cec3d86139a7cc2aa1f0a2e288e2f4a08856fabc2fbe.sample.exe
Resource
win7v20210410
Behavioral task
behavioral2
Sample
ecb5e56faaf6c280df96cec3d86139a7cc2aa1f0a2e288e2f4a08856fabc2fbe.sample.exe
Resource
win10v20210408
Malware Config
Targets
-
-
Target
ecb5e56faaf6c280df96cec3d86139a7cc2aa1f0a2e288e2f4a08856fabc2fbe.sample
Score
10/10
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Modifies boot configuration data using bcdedit
-
Modifies Windows Firewall
-
Drops startup file
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-