General
Target: d52a459560622be3d8ab5d46ccface98acb49641386b971d427784d9f14e413e
Size: 1.2MB
Sample: 210922-qkjvgacgd3
MD5: 87665d443c7a883a9605213fa5028662
SHA1: 04f910763ed46eb2b40be54f42ad7b7e4b149dd6
SHA256: d52a459560622be3d8ab5d46ccface98acb49641386b971d427784d9f14e413e
SHA512: b46e0937229313334646aca69b041f1134b048c29518b85381fae86172e7c1f88134bd4576606d5b56c0ba4ee2b7ebd0d5bc979e81597422a57f22bf99d79f00
Static task: static1
Behavioral task: behavioral1
  Sample: d52a459560622be3d8ab5d46ccface98acb49641386b971d427784d9f14e413e.exe
  Resource: win7v20210408
Behavioral task: behavioral2
  Sample: d52a459560622be3d8ab5d46ccface98acb49641386b971d427784d9f14e413e.exe
  Resource: win10-en-20210920
Malware Config
Targets
Target: d52a459560622be3d8ab5d46ccface98acb49641386b971d427784d9f14e413e
Score: 10/10
Executes dropped EXE
Modifies Windows Firewall
Drops startup file
Loads dropped DLL
Adds Run key to start application
Suspicious use of NtSetInformationThreadHideFromDebugger