General
-
Target
f7afac39d2754ac953bf129ee094c8b092e349cdf35f1ba23c2c76a0229f9e96
-
Size
96KB
-
Sample
240614-ag68la1bln
-
MD5
8677376c509f0c66d1f02c6b66d7ef90
-
SHA1
e057eddf9d2e319967e200a5801e4bbe6e45862a
-
SHA256
f7afac39d2754ac953bf129ee094c8b092e349cdf35f1ba23c2c76a0229f9e96
-
SHA512
e0c685e289c10a48b5fa251aa4414653c103dac69faf536b9ae9598e066aab5a03b03c09096c42a0f244aeaf80f2b9e4aa28d6b28da436587a3f52a9155473d0
-
SSDEEP
1536:xcUkaFWP1/og2gnKHNk9DsMvWhuZMTz2PdA24LhtpgcIPfuaNZ:xchd1/NKU1u+A0fuQ
Malware Config
Targets
-
-
Target
f7afac39d2754ac953bf129ee094c8b092e349cdf35f1ba23c2c76a0229f9e96
-
Size
96KB
-
MD5
8677376c509f0c66d1f02c6b66d7ef90
-
SHA1
e057eddf9d2e319967e200a5801e4bbe6e45862a
-
SHA256
f7afac39d2754ac953bf129ee094c8b092e349cdf35f1ba23c2c76a0229f9e96
-
SHA512
e0c685e289c10a48b5fa251aa4414653c103dac69faf536b9ae9598e066aab5a03b03c09096c42a0f244aeaf80f2b9e4aa28d6b28da436587a3f52a9155473d0
-
SSDEEP
1536:xcUkaFWP1/og2gnKHNk9DsMvWhuZMTz2PdA24LhtpgcIPfuaNZ:xchd1/NKU1u+A0fuQ
Score8/10-
Command and Scripting Interpreter: PowerShell
Run Powershell and hide display window.
-
Creates new service(s)
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-