Resubmissions
13-06-2024 00:15
240613-ajydgawgpc 7
General
-
Target
Galaxy Swapper v2.exe
-
Size
10.7MB
-
Sample
240613-ajydgawgpc
-
MD5
3cf7f11e3da78eeb96c558bee781298d
-
SHA1
f7adb2a33d3697da995f23cad6351434508bac3d
-
SHA256
87d6a5343b80cf6fb434dca7f7efe2be542974d83756bdb7774750d8f0d5dbbf
-
SHA512
3684763cd3351c324474d5b081fa791ae5eb29b3d8fa22bc5b1e929617d4badcd563ed620eb1ac1f2265c571660d3bae8eb3caf120cb1d276a3b4c9c0f274661
-
SSDEEP
196608:QcjhofUFS3J3w25ffH9tOb6Ye2BZiHhWWiVbMOVvu8ovcLFwi8:QAofdztLGicWiVbMOVvuxvcL+i8
Static task
static1
Behavioral task
behavioral1
Sample
Galaxy Swapper v2.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
-
-
Target
Galaxy Swapper v2.exe
-
Score
7/10
-
.NET Reactor protector
Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.
-
Executes dropped EXE
-
Legitimate hosting services abused for malware hosting/C2
-