General
Target
502a0e685078b5c44fd566ea2f14c7f998fbb1d04f6527a5c289bc661e6b9944
Size
943KB
Sample
220719-leb58aahe5
MD5
8e048607275f42adff61e4adfee9df0c
SHA1
e371fddeb36b88381a7670a5fd32f6a0567d9124
SHA256
502a0e685078b5c44fd566ea2f14c7f998fbb1d04f6527a5c289bc661e6b9944
SHA512
0841226e5ed67a608047404b56f1ec97192bc446a06757b2bdc2c3bf9f7cfa3b9325bb9eb56cc81a30d289ce8624980ef752d1612a1ada53182575e404b1c00f
Static task
static1
Behavioral task
behavioral1
Sample
502a0e685078b5c44fd566ea2f14c7f998fbb1d04f6527a5c289bc661e6b9944.exe
Resource
win7-20220718-en
Behavioral task
behavioral2
Sample
502a0e685078b5c44fd566ea2f14c7f998fbb1d04f6527a5c289bc661e6b9944.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
sendsafe
UNREGISTERED
91.220.131.43:50003
91.220.131.43:50004
service_name
Enterprise Mailing Service
Targets
Score
10/10
SendSafe payload
Loads dropped DLL
Suspicious use of SetThreadContext