General
-
Target
fd17907d5c330897248b4eeb10b26bd72a1a9d15eb8422c80a4bf17a9eccc24d.zip
-
Size
135KB
-
Sample
211025-xx6y4ahdfq
-
MD5
1c61bd3576aedb23127a23a3f442103b
-
SHA1
b6ee586c2d1be18a6de73b3231ded329071fcacf
-
SHA256
bd0b7a5e28d9fb31657ed7bfe1a4078237909cd5747ab3705a5d5aa609eab73e
-
SHA512
3e2c3314880ad1ef870e924c3c00ce7f14d7615783d874b85f63efb638586a97d29ea136e33aa07dadd61b0a88023dccc1de908e1adf46cee5bfc128c04bb0c7
Static task
static1
Behavioral task
behavioral1
Sample
GiecQSs.bin.dll
Resource
win7-en-20210920
Behavioral task
behavioral2
Sample
GiecQSs.bin.dll
Resource
win10-en-20211014
Malware Config
Targets
-
-
Target
GiecQSs.bin
-
Size
186KB
-
MD5
6bdc157542846873b3ea1854f4e93d76
-
SHA1
b14ed5008108b570ec40c3c2d8390d0efb31cef7
-
SHA256
fd17907d5c330897248b4eeb10b26bd72a1a9d15eb8422c80a4bf17a9eccc24d
-
SHA512
2ecb5c8695e927369e464634d2464e6e6e25f660453b3b6c43b035d883627a57c90ccdc5da467b4b110ff735a445332735ca9413ad0c723fb4a11cbd4d82f045
Score
10/10
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Bazar/Team9 Loader payload
-
Suspicious use of SetThreadContext
-