General
-
Target
cc321a36396c2df0df980a0da6ba3cf6.exe
-
Size
1.3MB
-
Sample
220105-j8fpdsadeq
-
MD5
cc321a36396c2df0df980a0da6ba3cf6
-
SHA1
a2ce8f96189f440e63977424824a6d80f0ab3d4c
-
SHA256
cb1b5b5edf60f8ec8355e54933c4081a1e3431c8fae5ec21d39a36beb2e1b4d2
-
SHA512
6e8ec8702d20190535d8d7e5fa0dd2264b44681be9cc2f919eed200205ef62dc7877223a1bf5d3407baaf9b804d58339e66e4d786f9e661dec3fb4249967c3d4
Static task
static1
Behavioral task
behavioral1
Sample
cc321a36396c2df0df980a0da6ba3cf6.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
cc321a36396c2df0df980a0da6ba3cf6.exe
Resource
win10-en-20211208
Malware Config
Targets
-
-
Target
cc321a36396c2df0df980a0da6ba3cf6.exe
-
Executes dropped EXE
-
Modifies file permissions
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-
Suspicious use of SetThreadContext
-
autoit_exe
AutoIT scripts compiled to PE executables.
-