General
Target
e93cb5fe929c88252bbcb1ae8d73bfc6
Size
5.9MB
Sample
220623-rfwtxagbb7
MD5
e93cb5fe929c88252bbcb1ae8d73bfc6
SHA1
81f04e51bf83c1f9d45f333da4cf13167a89fd43
SHA256
32b33877baade9ad5e8fb751c6a6b4ba6176ea7699732bd5ebd2af161728ac1e
SHA512
4453b7f9bd989fc34816d7d8292463b0df79eeac11919d391a5695ecc76b28c97f06415768365b7af9404d733addfad7cfa9275d583452216ad398938719bc9a
Static task
static1
Behavioral task
behavioral1
Sample
e93cb5fe929c88252bbcb1ae8d73bfc6.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
e93cb5fe929c88252bbcb1ae8d73bfc6.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
Target
e93cb5fe929c88252bbcb1ae8d73bfc6
Score
8/10
Adds Run key to start application
Legitimate hosting services abused for malware hosting/C2
Suspicious use of NtSetInformationThreadHideFromDebugger