General
Target
988103f227a80a74be7836bd77d6dfd70c3bedff8c6f574e5818a5f6e52fe059
Size
3.8MB
Sample
220524-azyn6sadd2
MD5
795847175d72c68819a2f8e0dfed1e98
SHA1
00c46c3540cbaa0b5a3e072ad0cd6a35fad49102
SHA256
988103f227a80a74be7836bd77d6dfd70c3bedff8c6f574e5818a5f6e52fe059
SHA512
316eb4693aa242f94ee9071d6a82db81ec851dd40cee6879c2ea924fed7c3ae9ab02e7cab5a7c51231a54c3ffc4df3536a5ff5b99902f8a8af440232357c9d5a
Static task
static1
Behavioral task
behavioral1
Sample
988103f227a80a74be7836bd77d6dfd70c3bedff8c6f574e5818a5f6e52fe059.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
988103f227a80a74be7836bd77d6dfd70c3bedff8c6f574e5818a5f6e52fe059.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
Target
988103f227a80a74be7836bd77d6dfd70c3bedff8c6f574e5818a5f6e52fe059
Score
10/10
Suspicious use of NtCreateUserProcessOtherParentProcess
Modifies Windows Firewall
Modifies boot configuration data using bcdedit