General
Target: 7126e22ffd4cba3af2214d807e156a70.exe
Size: 5KB
Sample: 210811-d1syjlnbqa
MD5: 7126e22ffd4cba3af2214d807e156a70
SHA1: df0227f8104e259d26ac66bffca37f7840e7c005
SHA256: d0672bf55e8872080c09d8ab5ce51171db85dce98907c3dfb09cf2ca600a4d69
SHA512: 73d4317ad8ee06049a0f0bb3eaaa43b3373d33f71703a27f63a48ab639d6e55ad3eac83bce3f30f9e9f1b85e8ecb779dbe4896c708905484de177397554bbfe4
Static task: static1
Behavioral task: behavioral1
Sample: 7126e22ffd4cba3af2214d807e156a70.exe
Resource: win7v20210410
Behavioral task: behavioral2
Sample: 7126e22ffd4cba3af2214d807e156a70.exe
Resource: win10v20210410
Malware Config
Extracted
oski
accdemo.axwebsite.com
Targets
Target: 7126e22ffd4cba3af2214d807e156a70.exe
Score: 10/10
Downloads MZ/PE file
Uses the VBS compiler for execution
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext