General
Target
98fa07c229dd2f3e4eaaefb3372d5615c0acb728b1edb6e95b46477bbf691f5e
Size
523KB
Sample
220201-lnr8sschd6
MD5
71a761af92d5b98c9fea7a1e723f7fc7
SHA1
551763b0e3eec17666275e76c95d2b4c30703c37
SHA256
98fa07c229dd2f3e4eaaefb3372d5615c0acb728b1edb6e95b46477bbf691f5e
SHA512
f16dcb4d6083e141aee3bb9283aff90879f1bb1570c25abc8c4b42753b4c943e385007e8398d05ac9224e57c481d356c6efc7520660807963ff99c9c085aad41
Static task
static1
Behavioral task
behavioral1
Sample
98fa07c229dd2f3e4eaaefb3372d5615c0acb728b1edb6e95b46477bbf691f5e.dll
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
98fa07c229dd2f3e4eaaefb3372d5615c0acb728b1edb6e95b46477bbf691f5e.dll
Resource
win10v2004-en-20220112
Malware Config
Targets
Target
98fa07c229dd2f3e4eaaefb3372d5615c0acb728b1edb6e95b46477bbf691f5e
Score
10/10
Suspicious use of NtCreateProcessExOtherParentProcess
Valak JavaScript Loader
Blocklisted process makes network request
Sets service image path in registry