General
Target: 44b44fbf4c7fbd56e8cf7411054aa0d6
Size: 1.7MB
Sample: 220119-2pzbhadhc7
MD5: 44b44fbf4c7fbd56e8cf7411054aa0d6
SHA1: 5e7822e039183a026e10ee02ce50033148b8bbdd
SHA256: a9f6712e7cf49bddcbdef715d13768157f94252be28bd74331a9ff963401137c
SHA512: 7820502414958f5fd8720ddc6e414af06c9ff5340876e913a96e563a16d5ffd02013fb784cdfa2a97c70d84fdb32e03dde5421277db2ea87b010bc5b36d673ca
Static task: static1
Behavioral task: behavioral1
  Sample: 44b44fbf4c7fbd56e8cf7411054aa0d6.xll
  Resource: win7-en-20211208
Behavioral task: behavioral2
  Sample: 44b44fbf4c7fbd56e8cf7411054aa0d6.xll
  Resource: win10v2004-en-20220112
Malware Config
Extracted
Targets
Target: 44b44fbf4c7fbd56e8cf7411054aa0d6
Score: 10/10
Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
Bazar/Team9 Loader payload
Sets service image path in registry
Loads dropped DLL