General
Target: dp
Size: 763KB
Sample: 210727-vaajvddjj2
MD5: 0a50081a6cd37aea0945c91de91c5d97
SHA1: 755309c6d9fa4cd13b6c867cde01cc1e0d415d00
SHA256: 6606d759667fbdfaa46241db7ffb4839d2c47b88a20120446f41e916cad77d0b
SHA512: f0a4e9a3dc065df2182527b17077c822d4535db86bf61f5ee795ee469b15159560a8e81e60d3037f3de1bb38e92f0fc8a422c2656882650d699e2b96948f9846
Static task: static1
Behavioral task: behavioral1 (Sample: dp.exe, Resource: win7v20210410)
Behavioral task: behavioral2 (Sample: dp.exe, Resource: win10v20210408)
Malware Config
Targets
Target: dp
Score: 10/10
Modifies security service
Registers COM server for autorun
Suspicious use of NtCreateUserProcessOtherParentProcess
Downloads MZ/PE file
Executes dropped EXE
Deletes itself
Loads dropped DLL
Adds Run key to start application
Drops file in System32 directory