General
-
Target
5700f1f8f5e4ba09e5f683945d4384f8f5e72c1a54e8f2beb4bfe1de1a5fbd1d
-
Size
1.5MB
-
Sample
220725-bd7kmagecp
-
MD5
09a4ebcec4652bc093ce7d022dc4147e
-
SHA1
364dc6e2491561bbc0135e4d7cdc54edb3d47bc4
-
SHA256
5700f1f8f5e4ba09e5f683945d4384f8f5e72c1a54e8f2beb4bfe1de1a5fbd1d
-
SHA512
f0b8c69bacd7727370d83bb6bd67bda2a0a6427a92413d8c6bc7b11fe912ceb886e1bfc07cfb11d48a6fe82f7e4f69e7a53258854c1a2cf132afdedabc9ca9d4
Static task
static1
Behavioral task
behavioral1
Sample
5700f1f8f5e4ba09e5f683945d4384f8f5e72c1a54e8f2beb4bfe1de1a5fbd1d.exe
Resource
win7-20220718-en
Malware Config
Targets
-
Target
5700f1f8f5e4ba09e5f683945d4384f8f5e72c1a54e8f2beb4bfe1de1a5fbd1d
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext