General
-
Target
45e247392ea8d6187fd469161a3cb3ec2c465deacdf624f9cfafda37d070f26e
-
Size
270KB
-
Sample
220124-jn61vadeh9
-
MD5
67abef7218b3cc16b6cb7177643c1886
-
SHA1
2026aac881ee7a6d32b30e1b0cc326bb618db878
-
SHA256
45e247392ea8d6187fd469161a3cb3ec2c465deacdf624f9cfafda37d070f26e
-
SHA512
18ab11ac2a12995515f5480b837d20fc9c1ce9103fe2aa2bc0c325f8d67c576483fe9a69ae9027d8a0db3a30f3dfed2f2a38175b63032ecbcc6e7cec1f72a136
Static task
static1
Behavioral task
behavioral1
Sample
45e247392ea8d6187fd469161a3cb3ec2c465deacdf624f9cfafda37d070f26e.exe
Resource
win10-en-20211208
Malware Config
Extracted
tofsee
patmushta.info
ovicrush.cn
Targets
-
-
Target
45e247392ea8d6187fd469161a3cb3ec2c465deacdf624f9cfafda37d070f26e
-
Size
270KB
-
MD5
67abef7218b3cc16b6cb7177643c1886
-
SHA1
2026aac881ee7a6d32b30e1b0cc326bb618db878
-
SHA256
45e247392ea8d6187fd469161a3cb3ec2c465deacdf624f9cfafda37d070f26e
-
SHA512
18ab11ac2a12995515f5480b837d20fc9c1ce9103fe2aa2bc0c325f8d67c576483fe9a69ae9027d8a0db3a30f3dfed2f2a38175b63032ecbcc6e7cec1f72a136
Score10/10-
Creates new service(s)
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Sets service image path in registry
-
Deletes itself
-
Suspicious use of SetThreadContext
-