General
-
Target
ec34212811e7ce52e9f74a2b8cb288dadb3a25fa1613a87bb9bea7bed40ba18c
-
Size
523KB
-
Sample
220201-ktrnsabgcr
-
MD5
68234a9e29bd19f4c3d605ae8fbda2df
-
SHA1
16293ed56b9e4286e4549de48ee97d3962f91cb4
-
SHA256
ec34212811e7ce52e9f74a2b8cb288dadb3a25fa1613a87bb9bea7bed40ba18c
-
SHA512
431096a5e61b714c98f72626da0f7841677a8aee4c243ba3c57504bd6bfdb6a2a01e7f783fac642f253c088eb28c9610680f65ae92a0af277dd4bfffc847e45e
Static task
static1
Behavioral task
behavioral1
Sample
ec34212811e7ce52e9f74a2b8cb288dadb3a25fa1613a87bb9bea7bed40ba18c.dll
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
ec34212811e7ce52e9f74a2b8cb288dadb3a25fa1613a87bb9bea7bed40ba18c.dll
Resource
win10v2004-en-20220112
Malware Config
Targets
Target
ec34212811e7ce52e9f74a2b8cb288dadb3a25fa1613a87bb9bea7bed40ba18c
Score
10/10
-
Suspicious use of NtCreateProcessExOtherParentProcess
-
Valak JavaScript Loader
-
Blocklisted process makes network request
-
Sets service image path in registry
-