General
-
Target
cf822f50e274b82120b3389049e8931948bc535a4b95c905efa9416225668c2e
-
Size
309KB
-
Sample
220605-ldws8sdgdk
-
MD5
7d40376fee22fcd7c818a9fec569ba68
-
SHA1
97e9ab6393116df99769e48595501b54fb01f65f
-
SHA256
cf822f50e274b82120b3389049e8931948bc535a4b95c905efa9416225668c2e
-
SHA512
2eaa34fbbfa4d03f6e7c1bf31f79880cea0ef00af17f13007aaf5d53cd15ed4632a4807408384a6392acb18e995eab6e77bb60413faee8814da5f9c6c0503e22
Static task
static1
Behavioral task
behavioral1
Sample
cf822f50e274b82120b3389049e8931948bc535a4b95c905efa9416225668c2e.exe
Resource
win10-20220414-en
Malware Config
Extracted
tofsee
svartalfheim.top
jotunheim.name
Targets
Score
10/10
-
Creates new service(s)
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Sets service image path in registry
-
Deletes itself
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-