General
-
Target
nady6.dll
-
Size
1.3MB
-
Sample
210727-gyn99fknwa
-
MD5
1f45bcf1fb8b7ef74a57d19a371f41cf
-
SHA1
9b7f346a04f8481c22fb6f8853f76349402a7009
-
SHA256
aee116011409a5bec7d356bd8f704df0a361fb029bf20178d49e02607798d9a1
-
SHA512
6cdbc392b650420d9238d7400956fa41ec9ede827576b9023b977e232dd18b3dd72f36082fc6cdb5af7f62868b0bd00e9b718522799467c674efb6202a169f9f
Score
10/10
Static task
static1
Behavioral task
behavioral1
Sample
nady6.dll
Resource
win7v20210408
windows7_x64
0 signatures
0 seconds
Malware Config
Targets
Target
nady6.dll
Score
10/10
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-