General
Target
09bc9c08f80f93317cd8769f85d8921787c677033a5b12a6c310fb92d83f6e41
Size
1.2MB
Sample
210928-lcg9fsbdb3
MD5
a1b69800aeb7ecbc49ebb13ce4a88737
SHA1
96e25aed75903a5a84be3175c6e834a44833bc5d
SHA256
09bc9c08f80f93317cd8769f85d8921787c677033a5b12a6c310fb92d83f6e41
SHA512
d4d5112b5f7c7ed676b2d41828b25a339a39235aaf8de51bc1cfdd35a73acf279cd3e7ac0434f93eaf20d35f9a5173ff0c49987b6d5b8e4e03131c29dedc20c5
Static task
static1
Behavioral task
behavioral1
Sample
09bc9c08f80f93317cd8769f85d8921787c677033a5b12a6c310fb92d83f6e41.exe
Resource
win7v20210408
Behavioral task
behavioral2
Sample
09bc9c08f80f93317cd8769f85d8921787c677033a5b12a6c310fb92d83f6e41.exe
Resource
win10-en-20210920
Malware Config
Targets
Score
8/10
Executes dropped EXE
Modifies Windows Firewall
Drops startup file
Loads dropped DLL
Adds Run key to start application
Suspicious use of NtSetInformationThreadHideFromDebugger