General
-
Target
55158c733090bc56f7cad292cee570b704416282063414bb258a7d78d71bd4f0
-
Size
210KB
-
Sample
221123-rl6ajagh86
-
MD5
c520fcd1769620b61125ae6df2ccaabf
-
SHA1
eb435d105d0f3ccb889cf8cae993861263eb7643
-
SHA256
55158c733090bc56f7cad292cee570b704416282063414bb258a7d78d71bd4f0
-
SHA512
253af4180c7535e96e40ff289e899efec23522718b4a90362cc45cb8a3a737bc999184c3a1c8ba3fd2d125517d148ba5976c04d7461bfa4d1270fb75dd75da31
-
SSDEEP
3072:kIM0v/eJvCeXoBapseh8hqyU4lamrIJDN:kI7Jo8cyU4ldrIR
Static task
static1
Behavioral task
behavioral1
Sample
55158c733090bc56f7cad292cee570b704416282063414bb258a7d78d71bd4f0.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
55158c733090bc56f7cad292cee570b704416282063414bb258a7d78d71bd4f0.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
55158c733090bc56f7cad292cee570b704416282063414bb258a7d78d71bd4f0
-
Size
210KB
-
MD5
c520fcd1769620b61125ae6df2ccaabf
-
SHA1
eb435d105d0f3ccb889cf8cae993861263eb7643
-
SHA256
55158c733090bc56f7cad292cee570b704416282063414bb258a7d78d71bd4f0
-
SHA512
253af4180c7535e96e40ff289e899efec23522718b4a90362cc45cb8a3a737bc999184c3a1c8ba3fd2d125517d148ba5976c04d7461bfa4d1270fb75dd75da31
-
SSDEEP
3072:kIM0v/eJvCeXoBapseh8hqyU4lamrIJDN:kI7Jo8cyU4ldrIR
Score8/10-
Executes dropped EXE
-
Deletes itself
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-