General
-
Target
ykuBL9i61d.exe
-
Size
729KB
-
Sample
230319-b39raaed56
-
MD5
5a6e2372cf092d16435162af7b23de62
-
SHA1
e4c1e54aca0eacc3675bd7db4ec92f11979aefcb
-
SHA256
91c3b2b0be1ba25c0234fed681c1506e6396624d019c4e8626da7fd7d55c3694
-
SHA512
d5029c0e6d31d9e8526e7ef3cd28743c45ae0971bbc642bcbb73e8a9f99a5dc6174598542e93b49bb38651a0c11dc3e9fe0fc759e40a0e5564cb5e7ef29dbb60
-
SSDEEP
12288:srto7EbSb958GjpjDK4i0oAGqj+3hPebgB2iFnDT+bKOwONz5J5JrRjH:srtoYbSb958gjugoAGZhPGgIubAd9Jrd
Static task
static1
Behavioral task
behavioral1
Sample
ykuBL9i61d.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
ykuBL9i61d.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
-
Target
ykuBL9i61d.exe
-
Size
729KB
-
MD5
5a6e2372cf092d16435162af7b23de62
-
SHA1
e4c1e54aca0eacc3675bd7db4ec92f11979aefcb
-
SHA256
91c3b2b0be1ba25c0234fed681c1506e6396624d019c4e8626da7fd7d55c3694
-
SHA512
d5029c0e6d31d9e8526e7ef3cd28743c45ae0971bbc642bcbb73e8a9f99a5dc6174598542e93b49bb38651a0c11dc3e9fe0fc759e40a0e5564cb5e7ef29dbb60
-
SSDEEP
12288:srto7EbSb958GjpjDK4i0oAGqj+3hPebgB2iFnDT+bKOwONz5J5JrRjH:srtoYbSb958gjugoAGZhPGgIubAd9Jrd
Score7/10-
.NET Reactor proctector
Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-