General
-
Target
b46963c476da195c8cf128a66b552ac93ba1d78996fcbacc1b5c51316eda5c5f
-
Size
1.3MB
-
Sample
211107-mghapaaad3
-
MD5
38c469631e318c85d94c19ca07d264f4
-
SHA1
5e91cd2205a451c951cdaf398a90c3cdd753caaa
-
SHA256
b46963c476da195c8cf128a66b552ac93ba1d78996fcbacc1b5c51316eda5c5f
-
SHA512
fde75a909bab7ed9df36abc1b5b346e990cf763d5c0360113a6f0ed938f128147222b4c00ba205a3d053ab5b0b3fa2777312e5fbe2955e9f747a7a4d4cc3dcb9
Malware Config
Targets
-
-
Target
b46963c476da195c8cf128a66b552ac93ba1d78996fcbacc1b5c51316eda5c5f
-
Size
1.3MB
-
MD5
38c469631e318c85d94c19ca07d264f4
-
SHA1
5e91cd2205a451c951cdaf398a90c3cdd753caaa
-
SHA256
b46963c476da195c8cf128a66b552ac93ba1d78996fcbacc1b5c51316eda5c5f
-
SHA512
fde75a909bab7ed9df36abc1b5b346e990cf763d5c0360113a6f0ed938f128147222b4c00ba205a3d053ab5b0b3fa2777312e5fbe2955e9f747a7a4d4cc3dcb9
Score8/10-
Executes dropped EXE
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-