General
-
Target
B64Str-B64Decoded.bin
-
Size
6.7MB
-
Sample
211011-b2dx8agcek
-
MD5
536444a6c9cdc019b47330725e1ac0d2
-
SHA1
7c01fc6c4a6ce3710a3462bec304ee483f7a5910
-
SHA256
0055fab035e9d26b72bb550b88eba4972f56d3885c0b013a83286bdeb7496de1
-
SHA512
17782dfd7c742596450d7aeed3ccbe87c3e122e7298d2f164f792a40ed846aa05d9b404d2d9b132466fff595d77e215a509c7692d2b7a5849c6135592d7fff7b
Static task
static1
Behavioral task
behavioral1
Sample
B64Str-B64Decoded.bin.exe
Resource
win7-en-20210920
Behavioral task
behavioral2
Sample
B64Str-B64Decoded.bin.exe
Resource
win10v20210408
Malware Config
Targets
-
-
Target
B64Str-B64Decoded.bin
-
Size
6.7MB
-
MD5
536444a6c9cdc019b47330725e1ac0d2
-
SHA1
7c01fc6c4a6ce3710a3462bec304ee483f7a5910
-
SHA256
0055fab035e9d26b72bb550b88eba4972f56d3885c0b013a83286bdeb7496de1
-
SHA512
17782dfd7c742596450d7aeed3ccbe87c3e122e7298d2f164f792a40ed846aa05d9b404d2d9b132466fff595d77e215a509c7692d2b7a5849c6135592d7fff7b
Score8/10-
Blocklisted process makes network request
-
Loads dropped DLL
-
Adds Run key to start application
-
Legitimate hosting services abused for malware hosting/C2
-