Overview: overview (10)
Static: static

Sample | Platform | Score
Claim_Copy.lnk | windows7-x64 | 3
Claim_Copy.lnk | windows10-2004-x64 | 3
fathomed/a...cy.dll | windows7-x64 | 10
fathomed/a...cy.dll | windows10-2004-x64 | 10
fathomed/d...zes.js | windows7-x64 | 3
fathomed/d...zes.js | windows10-2004-x64 | 3
fathomed/j...ed.cmd | windows7-x64 | 1
fathomed/j...ed.cmd | windows10-2004-x64 | 1

Static task: static1

Behavioral task | Sample | Resource
behavioral1 | Claim_Copy.lnk | win7-20220812-en
behavioral2 | Claim_Copy.lnk | win10v2004-20220812-en
behavioral3 | fathomed/autocracy.dll | win7-20220812-en
behavioral4 | fathomed/autocracy.dll | win10v2004-20220901-en
behavioral5 | fathomed/datesTemporizes.js | win7-20220812-en
behavioral6 | fathomed/datesTemporizes.js | win10v2004-20220812-en
behavioral7 | fathomed/jerksMoralized.cmd | win7-20220812-en
behavioral8 | fathomed/jerksMoralized.cmd | win10v2004-20220901-en

Target: 20220920_ta570.zip
Size: 401KB
MD5: 076116abb0ab9b72c99094a337b52ac1
SHA1: 3d83ba7ed6f5702db1ec4f4913d182f4d16646cb
SHA256: 6e979641cc9aff20e90c935f41f0f14f5ed6fc373aa09e5828fc50b4c5c70019
SHA512: 997a18f9b972b252b58b67bfc7cdda5c3a1662380458cd7df1a213b1a224a848c5a79184540515ee14ea3fd55abb942b920ce6456d784cfca120c60e2c0a04af
SSDEEP: 6144:VaRCLsd6jvYadwURID1/FQz6Iw4+VFajq6WQLjggfL6dHnLGi3M0eoAlA4Mhg50f:wrw2GztV+V0q6Rcf0i3M0uFVn2ww

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
GetStdHandle
GetCurrentDirectoryA
CreateFileA
SetFilePointer
CloseHandle
GetLastError
PeekNamedPipe
HeapAlloc
HeapFree
GetProcessHeap
WaitForSingleObject
ExitProcess
CreateThread
GetCurrentThreadId
GetSystemDirectoryA
VirtualAlloc
GetProcAddress
LoadLibraryA
CreateNamedPipeA
GetCurrentActCtx
DllRegisterServer
KXI
MHx229
Tin22PP
Vaevy8305
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ