General
Target: 1b17d07430671d6b4c395d2f2825bd73ef26082bad11f5cdf8ca42d026c1ce7c
Size: 1.7MB
Sample: 220607-yjxnyafben
MD5: e9a2b9d42ce896d9e32657c59d77e1b2
SHA1: 8e8175300ce54b01c5e18624cf3309c753a271bf
SHA256: 1b17d07430671d6b4c395d2f2825bd73ef26082bad11f5cdf8ca42d026c1ce7c
SHA512: a797619a6b9b2b041ac0e5812b91386ac5899cf98f511588bb56709cf7d44ada4e2e98ffcca4c69ebe2cf1c987dc1f852d1a39f6a1d0f402db57d94bc5766213
Static task: static1
Behavioral task: behavioral1
Sample: 1b17d07430671d6b4c395d2f2825bd73ef26082bad11f5cdf8ca42d026c1ce7c.exe
Resource: win7-20220414-en
Malware Config
Extracted
socelars
https://sa-us-bucket.s3.us-east-2.amazonaws.com/usahd1/
Targets
Target: 1b17d07430671d6b4c395d2f2825bd73ef26082bad11f5cdf8ca42d026c1ce7c
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
Legitimate hosting services abused for malware hosting/C2