General
Target: SecuriteInfo.com.BackDoor.SpyBotNET.25.23558.4542
Size: 667KB
Sample: 220414-pyf53ahabn
MD5: 1ba1f5a8783628e45caad235c8f640cf
SHA1: b41e98059945ddb010d3b50e5d0c83ecdde79716
SHA256: 3ec377ffc5814c66d3417104617bc3a048448ef400c360480efc036c425afb95
SHA512: 75c8de68fad66ec3bc8bc8c4887ee561c4e8e8af3e41021213bad8ea06947f379adca14bd3c2fb3ca17f4ac4a17f6bcf5a4cc630fe9979b40b2f0a60efc2b4a9
Static task: static1
Behavioral task: behavioral1
Sample: SecuriteInfo.com.BackDoor.SpyBotNET.25.23558.exe
Resource: win7-20220311-en
Behavioral task: behavioral2
Sample: SecuriteInfo.com.BackDoor.SpyBotNET.25.23558.exe
Resource: win10v2004-20220310-en
Malware Config
Targets
Target: SecuriteInfo.com.BackDoor.SpyBotNET.25.23558.4542
Score: 10/10
Adds policy Run key to start application
Accesses Microsoft Outlook accounts
Adds Run key to start application
Program crash
Suspicious use of SetThreadContext