General
Target: 4743ecba0417b013945fc84374fe594368f9d2ee4c0584056e9bd1d8ec5f345e
Size: 3.4MB
Sample: 230327-y6efwahb5t
MD5: aed94e2e2b73f907e64c3c42dbc0361f
SHA1: 03f3d4c71cf5b3d97798c6fe1677e5627e164cb6
SHA256: 4743ecba0417b013945fc84374fe594368f9d2ee4c0584056e9bd1d8ec5f345e
SHA512: d9a222dda93a2590ae27a7bacfd8f959c04971b1f8522d7053dcaf97c457df25d714d8c30ca73f7f1bcff3be8c7145292e16ee1903bfdee22ed5d0274acc6525
SSDEEP: 98304:xK1xSdXvKNmorEZCXZcVrx5EibycA63ZZQi/hmnbpHWp:KmohXZyTl+d63pmVi
Static task
static1
Malware Config
Targets
Target: 4743ecba0417b013945fc84374fe594368f9d2ee4c0584056e9bd1d8ec5f345e
XMRig Miner payload
.NET Reactor protector: Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.
Uses the VBS compiler for execution
Suspicious use of SetThreadContext