General
-
Target
New Text Document mod.exse.zip
-
Size
3KB
-
Sample
231220-rw14kafcc2
-
MD5
9a844d7c46080976329f01bfe0678d18
-
SHA1
7a792324a579c2174a9eeab9be9499026c0ae88e
-
SHA256
910503e84802a7ecca28a47e128d93b45fc29cae30ba38e5e5eca141c65dedf8
-
SHA512
e83d4f318970da31224a28b5469fb6181c0197db13bbe06a89f5264a81c9cd02a4a8e93e07e8aa9411eb8a15173a2db05cde35d57c022ad6793e2b939ab4dd76
Static task
static1
Behavioral task
behavioral1
Sample
New Text Document mod.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
New Text Document mod.exe
Resource
win10-20231215-en
Behavioral task
behavioral3
Sample
New Text Document mod.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
New Text Document mod.exse
-
Size
8KB
-
MD5
69994ff2f00eeca9335ccd502198e05b
-
SHA1
b13a15a5bea65b711b835ce8eccd2a699a99cead
-
SHA256
2e2e035ece4accdee838ecaacdc263fa526939597954d18d1320d73c8bf810c2
-
SHA512
ced53147894ed2dfc980bcb50767d9734ba8021f85842a53bb4bb4c502d51b4e9884f5f74c4dd2b70b53cafbe2441376675f7bd0f19bb20a3becb091a34fb9f3
-
SSDEEP
96:y7ov9wc1dN1Unh3EHJ40CUJCrQt0LpCBIW12nEtgpH9GIkQYQoBNw9fnmK5iLjTv:yZyTFJfCB20LsBIW12n/eIkQ2BNg5S1
-
XMRig Miner payload
-
Downloads MZ/PE file
-
.NET Reactor proctector
Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.
-
Executes dropped EXE
-
Uses the VBS compiler for execution
-