General
-
Target
IObit-Malware-Fighter-Setup.exe
-
Size
62.4MB
-
Sample
211029-qxhg6sddf7
-
MD5
8a00ddfdbf2b45e5c09410e2a0e68713
-
SHA1
361ad5834271774a94b9e3b8fd0b541bf5633a50
-
SHA256
81c970c56bc0b97bb9a2c5a9f4f012aa2fb326cbaaf6c15955a210f639376a56
-
SHA512
4faab5c5520c473128f0a4cbb04d90fc9ce52e92f75631986fdf8ee727eb0c57fafd65f3bc7fc4ca12a69e8f1065280f745bc5796831685f87e88d61caf6a3e2
Static task
static1
Behavioral task
behavioral1
Sample
IObit-Malware-Fighter-Setup.exe
Resource
win11
Malware Config
Targets
Score
10/10
-
Modifies system executable filetype association
-
Registers COM server for autorun
-
Suspicious use of NtCreateProcessExOtherParentProcess
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-