General
-
Target
3ff8bf17e5513081c9cdd5d9f6aad3d4
-
Size
65KB
-
Sample
210926-srxq1sfag4
-
MD5
3ff8bf17e5513081c9cdd5d9f6aad3d4
-
SHA1
000ee99892ed87c213054cd28e58beeda9e45c5e
-
SHA256
2504393cecf6bf06ebb2070f21c5c3113e41f92f82d6635d2601f3aa29728183
-
SHA512
8d1686834da1be662650482d4a6eb211de97f4c131786313255ef2a92757b84c65754de44b7a065c45aaf06a99c942b509a593a3442b8009cf5291fca6014499
Static task
static1
Behavioral task
behavioral1
Sample
3ff8bf17e5513081c9cdd5d9f6aad3d4.exe
Resource
win7-en-20210920
Behavioral task
behavioral2
Sample
3ff8bf17e5513081c9cdd5d9f6aad3d4.exe
Resource
win10v20210408
Malware Config
Targets
-
-
Target
3ff8bf17e5513081c9cdd5d9f6aad3d4
-
Size
65KB
-
MD5
3ff8bf17e5513081c9cdd5d9f6aad3d4
-
SHA1
000ee99892ed87c213054cd28e58beeda9e45c5e
-
SHA256
2504393cecf6bf06ebb2070f21c5c3113e41f92f82d6635d2601f3aa29728183
-
SHA512
8d1686834da1be662650482d4a6eb211de97f4c131786313255ef2a92757b84c65754de44b7a065c45aaf06a99c942b509a593a3442b8009cf5291fca6014499
Score8/10-
Executes dropped EXE
-
Deletes itself
-
Loads dropped DLL
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-