General
-
Target
2b0b9bfe347af1b28818e71caa4a0c6729a8a0df980f8cba4f5fca72e912a9be
-
Size
1.6MB
-
Sample
220524-bgswmseeen
-
MD5
b85ea0a09ebdf4c2dfb65dd288d15998
-
SHA1
32aac9435ddd5e0294660264fe4d7012bda074cd
-
SHA256
2b0b9bfe347af1b28818e71caa4a0c6729a8a0df980f8cba4f5fca72e912a9be
-
SHA512
d1b66783ce62366f35c721ce8345fae8d0a17416b168e14b479943fe943431eb593b814c5af760cc07ab20dd398f051d9c2eaa278fc52c53b09250912f9746a6
Static task
static1
Behavioral task
behavioral1
Sample
2b0b9bfe347af1b28818e71caa4a0c6729a8a0df980f8cba4f5fca72e912a9be.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
2b0b9bfe347af1b28818e71caa4a0c6729a8a0df980f8cba4f5fca72e912a9be.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
Score
10/10
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-