General
Target: gunzipped.exe
Size: 773KB
Sample: 220315-wfrmeaebf5
MD5: fd5a0326a71e89b2ff144ea336fac113
SHA1: aa6b046a0ed889b59cdb0ee9a957c4c6d542e233
SHA256: bda50ff249b947617d9551c717e78131ed32bf77db9dc5b7591d3e1af6cb2f1a
SHA512: 51a75041b8fe9dab9cb51e28b39a497eff7ccb4c81311223ec92492cd3ddcfb6bc91ebf555f61a8b25423d81fd692920b44980ab306acb3b8451b633f297b800
Static task: static1
Behavioral task: behavioral1
Sample: gunzipped.exe
Resource: win7-20220310-en
Behavioral task: behavioral2
Sample: gunzipped.exe
Resource: win10v2004-en-20220113
Malware Config
Targets
Target: gunzipped.exe
Score: 10/10
Adds policy Run key to start application
Accesses Microsoft Outlook accounts
Adds Run key to start application
Program crash
Suspicious use of SetThreadContext