General
Target: 5684eb502e12536b3eb283a844f75bdfccc69e7e30506d50bdb303c55cce3d8b
Size: 1.5MB
Sample: 220725-dcymfabhgk
MD5: 510c77cf73afcbbde996a1875ebbda6a
SHA1: 810a6b8a6f042d4fca17e58c39a46979214d4658
SHA256: 5684eb502e12536b3eb283a844f75bdfccc69e7e30506d50bdb303c55cce3d8b
SHA512: 9efb92b34314a7ad183cdb7d4de837de4fd5f1cf866bd13d68fad025ee0c68b44f1a8fdac1c87d352761bdcb29d448af70e892d0915dad046b24071850bc0db0
Static task: static1
Behavioral task: behavioral1
  Sample: 5684eb502e12536b3eb283a844f75bdfccc69e7e30506d50bdb303c55cce3d8b.exe
  Resource: win7-20220715-en
Behavioral task: behavioral2
  Sample: 5684eb502e12536b3eb283a844f75bdfccc69e7e30506d50bdb303c55cce3d8b.exe
  Resource: win10v2004-20220721-en
Malware Config
Targets
Target: 5684eb502e12536b3eb283a844f75bdfccc69e7e30506d50bdb303c55cce3d8b
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext