General
-
Target
42a45226999ec8bf234e2048ebfc69b7f5660ceaf61106479b5591f221157952
-
Size
1.8MB
-
Sample
220525-b15pjsadgl
-
MD5
2bcf972b2bd990c2f5f50c7fe56ebb11
-
SHA1
34a22acdfbc04328342c68a44f112bfabad5d572
-
SHA256
42a45226999ec8bf234e2048ebfc69b7f5660ceaf61106479b5591f221157952
-
SHA512
c691e4d36f8f00d5be77a3502ec01dfdc5286b8558bb78b99b3a2ad301838ecf42a843ae314b91fa2b1dd5a71668dd3874a7dd8448958e41bc2fdb4c2941b701
Static task
static1
Behavioral task
behavioral1
Sample
42a45226999ec8bf234e2048ebfc69b7f5660ceaf61106479b5591f221157952.exe
Resource
win7-20220414-en
Malware Config
Targets
-
-
Target
42a45226999ec8bf234e2048ebfc69b7f5660ceaf61106479b5591f221157952
-
Size
1.8MB
-
MD5
2bcf972b2bd990c2f5f50c7fe56ebb11
-
SHA1
34a22acdfbc04328342c68a44f112bfabad5d572
-
SHA256
42a45226999ec8bf234e2048ebfc69b7f5660ceaf61106479b5591f221157952
-
SHA512
c691e4d36f8f00d5be77a3502ec01dfdc5286b8558bb78b99b3a2ad301838ecf42a843ae314b91fa2b1dd5a71668dd3874a7dd8448958e41bc2fdb4c2941b701
-
suricata: ET MALWARE Generic Request to gate.php Dotted-Quad
suricata: ET MALWARE Generic Request to gate.php Dotted-Quad
-
suricata: ET MALWARE Nexus Stealer CnC Data Exfil
suricata: ET MALWARE Nexus Stealer CnC Data Exfil
-
suricata: ET MALWARE Trojan Generic - POST To gate.php with no accept headers
suricata: ET MALWARE Trojan Generic - POST To gate.php with no accept headers
-
suricata: ET MALWARE Trojan Generic - POST To gate.php with no referer
suricata: ET MALWARE Trojan Generic - POST To gate.php with no referer
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-