General
-
Target
a8a2c05606db0b08fd77dfc4fb96728160cd786860deb6d31018825648e9ffae
-
Size
432KB
-
Sample
230828-1fby6sbb2x
-
MD5
1ec07a06295fbd106998f68f81035292
-
SHA1
9344788b70d9e4be55aefcf7fc031834463582ef
-
SHA256
a8a2c05606db0b08fd77dfc4fb96728160cd786860deb6d31018825648e9ffae
-
SHA512
922bff3a99501c286450982eab6b5375c9b4833c8090f661a1bb93eaa3a6bc6ac60589a2d91bc11e1422c41ef52629502af3980cc02cd28dcaf567fe2d90024f
-
SSDEEP
12288:kov9YJjrV+pJR6cuXFqaYCL9yKASIAcl3hkWWlyvQO:B+JHVyR6xXky0KASbcdh6yvQO
Behavioral task
behavioral1
Sample
a8a2c05606db0b08fd77dfc4fb96728160cd786860deb6d31018825648e9ffae.dll
Resource
win7-20230712-en
Malware Config
Targets
-
Detect Blackmoon payload
-
Gh0st RAT payload
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Suspicious use of SetThreadContext
-