General
Target: s.exe
Size: 261KB
Sample: 220206-lx6gsahebk
MD5: b536287b4579805e670c79ba866c7d46
SHA1: 31266436fe5ce008a27d96e729470a75dde1c440
SHA256: 1479da55bc8333e46c9923be0e8a57f6597fe4482e263f37581fadb8492eb7c7
SHA512: f4ef6338a30b4b7a4b1b812cc5763c8528cba357d5969a0d07b49df6b3d92644144fdd7ec38ef23a35e84f6c3e0eecf2b5e43b08dc6a5eaaeb7c8390f27ee508
Static task: static1
Behavioral task: behavioral1
Sample: s.exe
Resource: win7-en-20211208
Malware Config
Extracted
systembc
194.33.45.6:4001
Targets
Suspicious use of NtCreateProcessExOtherParentProcess
suricata: ET MALWARE Single char EXE direct download likely trojan (multiple families)
suricata: ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile
suricata: ET MALWARE Win32/SystemBC CnC Checkin
Downloads MZ/PE file
Executes dropped EXE