General
Target: 995e93cb625f8495aaacca762984f75cd51d4b83dab87530ab52cd6feb71f18f
Size: 1.4MB
Sample: 220531-acazlabffm
MD5: 559b52aec4d01ff74368792a609ed93e
SHA1: 26ae28b5a0db5310eb73b4c8876e36b5b757ef7f
SHA256: 995e93cb625f8495aaacca762984f75cd51d4b83dab87530ab52cd6feb71f18f
SHA512: e4360d91b7b95e14632c321796ffad6367b6ebf795fd3d559fbac3b79eadcfd7eeec0994db8567840324da61d97b07729aa9ef8f5f83d856e04d1769453b4093
Static task: static1
Behavioral task: behavioral1
Sample: IMG_4119.scr
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: IMG_4119.scr
Resource: win10v2004-20220414-en
Malware Config
Targets
Target: IMG_4119.SCR
Size: 905KB
MD5: 060cbc77c20d140b7ad9f90fd58d45c3
SHA1: f39d0f1ecb50884c69e81b2fd8f66c4b1d5c5cf4
SHA256: 550615c0ae5984a323c65110142b7730c87cd0b4bdc6ff13052983ba8a6ec7ff
SHA512: 525b3beb849c77b132eb77ea1424605b48d5406a5f93a7f10a13b7837e8c7f363ecca7a7b71169114386679a4dc98077a372461dbf43e062c56e116b4f350fe1
Score: 10/10
CoreEntity .NET Packer
CoreEntity is a .NET packer that embeds the payload as a Bitmap object, which is later decrypted.
Suspicious use of SetThreadContext