General
Target: 14c5e34d5fc3699f1c61a28a7fce9e28b15ff768e68140b064bcb7c71ea960ed
Size: 2.7MB
Sample: 220907-17cpsadah7
MD5: f2aa6f480b4cfccdf9b0d83f57b406c4
SHA1: fa7dfb217432fe5777775dec37235a9458afc423
SHA256: 14c5e34d5fc3699f1c61a28a7fce9e28b15ff768e68140b064bcb7c71ea960ed
SHA512: 53ab0edcd814f00bc2ae158a975dfcef4e28a08477d789bab61ca71a2652873fff51bdb988d478d0442f6f1fe0224d9095da38e0065b06a590906729915b2a50
SSDEEP: 49152:V/OkG6v1KScEYMXJUpcjEFLX9nHmQHThshwN/8VwdlDZRkx8DSDB79nxNwvr2y:RGo1KSdRUpcjE59nH591fd1Z+xk6B79e
Static task: static1
Behavioral task: behavioral1
Sample: 14c5e34d5fc3699f1c61a28a7fce9e28b15ff768e68140b064bcb7c71ea960ed.exe
Resource: win7-20220812-en
Malware Config
Targets
- Modifies security service
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Drops file in Drivers directory
- Executes dropped EXE
- Possible privilege escalation attempt
- Stops running service(s)
- Deletes itself
- Modifies file permissions
- Drops file in System32 directory
- Suspicious use of SetThreadContext