General
Target: xeroxscanner13012022.exe
Size: 852KB
Sample: 220113-ylg19sccd4
MD5: 4672855d9562d4dfbf309d3676ff5df7
SHA1: 648779f7d24a50830582d7c35515ed9a42cda7e5
SHA256: 2874ed24596c71b8a60ec07c834d203ec7daadfa430c05b54bc6a5bf2c5cb6a6
SHA512: 57224a6597cff15fa8b2e5282d89240ea1c692663e769c8b2448badfd2928b4b98bf8e198204fdddc1080924f7288fd45524113a88fa3509da636089eda346b1
Static task: static1
Behavioral task: behavioral1
Sample: xeroxscanner13012022.exe
Resource: win7-en-20211208
Malware Config
Targets
Target: xeroxscanner13012022.exe
- Async RAT payload
- Executes dropped EXE
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext