General
Target: 5734b9637047bfc3f050c53d1796c352b467b5aeb629c76fc42ac016b01c3b3c
Size: 1.0MB
Sample: 220725-anxbzafcbl
MD5: 8e70c05ea936bf05623bca85823fec4c
SHA1: 0df9dade22ab1f83505f7a44ac1d0537d5f2ba3c
SHA256: 5734b9637047bfc3f050c53d1796c352b467b5aeb629c76fc42ac016b01c3b3c
SHA512: bf3d53d505ab528284b7db9d6063f8ca81802e750e8197fe74f86c2b869c856f97c22cf13e839d532f0d16e6470cfbb4a3d1802bb3bc7fd5a845c09d2d893828
Static task: static1
Behavioral task: behavioral1
Sample: 5734b9637047bfc3f050c53d1796c352b467b5aeb629c76fc42ac016b01c3b3c.exe
Resource: win7-20220718-en
Behavioral task: behavioral2
Sample: 5734b9637047bfc3f050c53d1796c352b467b5aeb629c76fc42ac016b01c3b3c.exe
Resource: win10v2004-20220721-en
Malware Config
Targets
Target: 5734b9637047bfc3f050c53d1796c352b467b5aeb629c76fc42ac016b01c3b3c
Adds Run key to start application
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
Suspicious use of SetThreadContext