General
Target: 56bced5a1d1078bca4d0d2ca6f9a6c4e9e1805e84b04a561f29698ad6f7e8c66
Size: 1.3MB
Sample: 220725-cag18saafm
MD5: 682e1fde77543b2fa45aad3d7332128e
SHA1: bd45b2ad0263474e575458a467a86dd9d1359103
SHA256: 56bced5a1d1078bca4d0d2ca6f9a6c4e9e1805e84b04a561f29698ad6f7e8c66
SHA512: 90e3a93604c969d8c9b48cdd87397c1cab583852e7dd6b99aeb7e0f87f76fe60140be47e191c706532c4ba0f276c661a9acb969a09440b1d7220e0a077ddcfc0
Static task: static1
Behavioral task: behavioral1
Sample: 56bced5a1d1078bca4d0d2ca6f9a6c4e9e1805e84b04a561f29698ad6f7e8c66.exe
Resource: win7-20220718-en
Malware Config
Targets
Adds Run key to start application

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.

Suspicious use of NtSetInformationThreadHideFromDebugger