General
-
Target
12971c228512d222498e24ad1a5aad8464e43738a86807686240863ae208452a
-
Size
292KB
-
Sample
220603-sfjd9aeefl
-
MD5
5652ed4384e659acec44f9ab3babc6e8
-
SHA1
576d278d6fa40f54e16a3ac89284e074473da642
-
SHA256
12971c228512d222498e24ad1a5aad8464e43738a86807686240863ae208452a
-
SHA512
b3bfebfff3a8b1d64d82eea2471e6fcc13074f311a0f7f1e7c10f2fd6029f7b8742b3ee845c21f754824175259c2c70ccb0bb25e3e4b85e4fd0a60740d2a4823
Static task
static1
Behavioral task
behavioral1
Sample
12971c228512d222498e24ad1a5aad8464e43738a86807686240863ae208452a.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
12971c228512d222498e24ad1a5aad8464e43738a86807686240863ae208452a.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
Target
12971c228512d222498e24ad1a5aad8464e43738a86807686240863ae208452a
Score 7/10
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-