General
Target: 1abaacc77f4548a30a9bfa0156ce774f253b31609f8319592bab2f956bfca46d
Size: 1.3MB
Sample: 211107-3n5mkagcfk
MD5: c9ff2a16b15ad9dc97d2a54e3e145925
SHA1: b6fc9f62f45a9e0295452eb42a3f8f1831c59b49
SHA256: 1abaacc77f4548a30a9bfa0156ce774f253b31609f8319592bab2f956bfca46d
SHA512: efefb67fb4f3de947fcc4fe536cccd0dcf7c4dd6792bdcf241984eda3a9b4500f6922e7d4a3789cbe8b2870e68589032528ac5d0e3f1e95295669aa985bec665
Static task: static1
Behavioral task: behavioral1
Sample: 1abaacc77f4548a30a9bfa0156ce774f253b31609f8319592bab2f956bfca46d.exe
Resource: win10-en-20211104
Malware Config
Targets
Target: 1abaacc77f4548a30a9bfa0156ce774f253b31609f8319592bab2f956bfca46d
Score: 8/10
Executes dropped EXE
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
Adds Run key to start application
Suspicious use of SetThreadContext