General
Target: SecuriteInfo.com.Win32.Kryptik.HENB.18157
Size: 579KB
Sample: 200630-a9v2wz3hds
MD5: a37a8840e9e8d07c73861a1353013ba2
SHA1: 403c6a9e7159480ba75f4250f2d946226de92d4b
SHA256: e7f1b2d2601e9a6427a155a3599614c09c9edaae7eb8f10b81e1f3e117717157
SHA512: 88e7eb3f6648c7baab747bae3afae839a9b13e12ff8ec861e4df262dbd2ab469de7274c02a716ba0e7fe6ecde4b9fe365f53cd4e9433a389080be92840e0c15c
Static task: static1
Behavioral task: behavioral1
Sample: SecuriteInfo.com.Win32.Kryptik.HENB.18157.dll
Resource: win7
Malware Config
Targets
Suspicious use of NtCreateUserProcessOtherParentProcess
Blacklisted process makes network request
Suspicious use of SetThreadContext