General
Target: b4870409b801692faf71a13983f411bc6d39d0503177b105f888c6d0097a3ab8
Size: 270KB
Sample: 220124-lsm5msebdq
MD5: 303b3d03908034295d2ede5b6ea07f57
SHA1: 1fa657bc725e38ba78092c2cfb315b2c6266b5af
SHA256: b4870409b801692faf71a13983f411bc6d39d0503177b105f888c6d0097a3ab8
SHA512: 8f629b62b5df4ec4b342aef4a7e4b18856c757fd00b9f4937fa5d9ae0ecea56c654fdc7af177b46429a2a1a3801e53ff6e9b16a7bddaaaea1f5af3be83d9a3e0
Static task: static1
Behavioral task: behavioral1
Sample: b4870409b801692faf71a13983f411bc6d39d0503177b105f888c6d0097a3ab8.exe
Resource: win10-en-20211208
Malware Config
Extracted
tofsee
patmushta.info
ovicrush.cn
Targets
Score: 10/10
Creates new service(s)
Executes dropped EXE
Modifies Windows Firewall
Sets service image path in registry
Deletes itself
Suspicious use of SetThreadContext