General
Target: 2a9c7c90b237fdb0571ab5ef9ee8c0827ef1f49edf66bc9837e0fd5dc2b1a786.zip
Size: 135KB
Sample: 211025-x1lsbsgeg3
MD5: d76d870f3a7da420e5cdc585032b8955
SHA1: cd532cf35818d2fbd7d72433e954a6b80cb39bd6
SHA256: 9de1c97e5faa8d7fc2f0a39ba1bee0f191f8e175b9ddc2a4b2c049628d422d26
SHA512: 2139e16d68c2d54e42db016b55e85424c95535e0bf338d846f675abbc92875d0f5c3931508b1771086e3a29fd1161116724ca90342d0b84ffa7bdbd48d28b10e
Static task: static1
Behavioral task: behavioral1
Sample: PIytasA.bin.dll
Resource: win7-en-20210920
Behavioral task: behavioral2
Sample: PIytasA.bin.dll
Resource: win10-en-20211014
Malware Config
Targets
Target: PIytasA.bin
Size: 186KB
MD5: b61b46a6ec2e47c9cbb1ee9cc1dc4160
SHA1: 2375f420544bf81f8c3ed917ad598c238f70f8f1
SHA256: 2a9c7c90b237fdb0571ab5ef9ee8c0827ef1f49edf66bc9837e0fd5dc2b1a786
SHA512: 48479dc4f438cd590b58d7d6330096df7a9c2e36a18b1640732df6cfb63cfd08f20e5f239a2550661b74089e79fbe72ad5da3375701d879dcad314fa6c11b468
Score: 10/10
Suspicious use of NtCreateUserProcessOtherParentProcess
Bazar/Team9 Loader payload
Suspicious use of SetThreadContext