General
Target: PO_9878xls.exe
Size: 300KB
Sample: 220131-h9ja8sgffr
MD5: 4b779a236a8eae2bb4ee28cd99e7150c
SHA1: 5ef6353ed24b0350212ffee3e01a872ff7bedf10
SHA256: 0a0445acf374b31a19805593309ff48a3b0220b2a03e9d153d8788975bb9172e
SHA512: 2fac5c2ae97f042d1ba974e18ab86ab2dbb62634722aab3185024924e5bdd8b06a28a691510dfbb8454809f7f9c647ef6a8f14909068221875f4dc01a89c435b
Static task: static1
Behavioral task: behavioral1
Sample: PO_9878xls.exe
Resource: win7-en-20211208
Malware Config
Targets
Target: PO_9878xls.exe
Async RAT payload
Executes dropped EXE
Loads dropped DLL
Suspicious use of SetThreadContext