General
Target: uncategorized_3.0.0.0b.vir
Size: 1.2MB
Sample: 200719-fadbdbryxe
MD5: 8e326a09b93cc447d0ea9a3992bb4962
SHA1: 0a57892f4f92507f0f3405228274c5bfeb1103c5
SHA256: f990daf6364d6aeb0a8482a8fdab098b5790f29f2f34dd38ef4a83ac36827fe9
SHA512: 1d4bf0071adef111a8166220f2089e6c4b4eace02a82eb306920cac9d12460173932bc76a83aba57db9331fa473a59035ba8ad05d9a748ceb6d7abc32e992c2a
Static task: static1
Behavioral task: behavioral1
Sample: uncategorized_3.0.0.0b.vir.exe
Resource: win7v200430
Behavioral task: behavioral2
Sample: uncategorized_3.0.0.0b.vir.exe
Resource: win10v200430
Malware Config
Targets
Target: uncategorized_3.0.0.0b.vir
Size: 1.2MB
Score: 8/10
Executes dropped EXE
Deletes itself
Loads dropped DLL
Adds Run key to start application
Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.
Suspicious use of SetThreadContext