General
-
Target
froiiiiiS54AqSO8x6.exe
-
Size
808KB
-
Sample
230319-b4m9nsed58
-
MD5
7cd39f854e71cb4fc42e0318032d0c4c
-
SHA1
63b231e6336be60d274c696e926c06a91ce85185
-
SHA256
45e9824c87d284abd7072c0eb8c2bfdbeba2eb0b15005c36499df62d370f310e
-
SHA512
150c7d04499734019de685a866861311a1e1eb56bd9926d9e4b35fbae20d2edebd2aa3ca0a045c9b84aa3751dd1ae6f115a725b2cb42b278c7d32f0c640e7acb
-
SSDEEP
24576:GCD34eBS4FDvRdNcsYk8BfOhFtoBtqC8JWhbr:v34R4FD9csYkqUF2tsgbr
Static task
static1
Behavioral task
behavioral1
Sample
froiiiiiS54AqSO8x6.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
froiiiiiS54AqSO8x6.exe
Resource
win10v2004-20230221-en
Malware Config
Targets
-
-
Target
froiiiiiS54AqSO8x6.exe
-
Size
808KB
-
MD5
7cd39f854e71cb4fc42e0318032d0c4c
-
SHA1
63b231e6336be60d274c696e926c06a91ce85185
-
SHA256
45e9824c87d284abd7072c0eb8c2bfdbeba2eb0b15005c36499df62d370f310e
-
SHA512
150c7d04499734019de685a866861311a1e1eb56bd9926d9e4b35fbae20d2edebd2aa3ca0a045c9b84aa3751dd1ae6f115a725b2cb42b278c7d32f0c640e7acb
-
SSDEEP
24576:GCD34eBS4FDvRdNcsYk8BfOhFtoBtqC8JWhbr:v34R4FD9csYkqUF2tsgbr
Score7/10-
.NET Reactor proctector
Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.
-
Uses the VBS compiler for execution
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-