General
Target: f5eb9dc17ffae0404f956e34fd697c5359de1d8f81afb2b9ed60eef16cf9daa1
Size: 1.0MB
Sample: 220625-fvzzbshff7
MD5: 6b233fdc5dd1612e5af89d1b8f8cd0dc
SHA1: cedff03c2c9d0efd97970ba245ef69865191d826
SHA256: f5eb9dc17ffae0404f956e34fd697c5359de1d8f81afb2b9ed60eef16cf9daa1
SHA512: 64d1778181856a03ef4c8cca3daee1dd9867ebee77f1f806f4c8245005fcb69701b445751d1271e5d98a6a84fe9a2533a294fbbae49bb8de60b2cab743f97560
Static task: static1
Behavioral task: behavioral1
Sample: f5eb9dc17ffae0404f956e34fd697c5359de1d8f81afb2b9ed60eef16cf9daa1.exe
Resource: win7-20220414-en
Malware Config
Targets
Target: f5eb9dc17ffae0404f956e34fd697c5359de1d8f81afb2b9ed60eef16cf9daa1 (1.0MB; MD5, SHA1, SHA256 and SHA512 as listed under General)
- suricata: ET MALWARE Generic Request to gate.php Dotted-Quad
- suricata: ET MALWARE Nexus Stealer CnC Data Exfil
- suricata: ET MALWARE Trojan Generic - POST To gate.php with no accept headers
- suricata: ET MALWARE Trojan Generic - POST To gate.php with no referer
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of NtSetInformationThreadHideFromDebugger