General
-
Target
4aa6e55d6bec213d108f1fec755bbce549b6c8f5c1f3cdc40ebd14146e4d2a2a
-
Size
288KB
-
Sample
221123-vt6stach8w
-
MD5
170c6f65990be00ae9ac9cf010f5fbf4
-
SHA1
0116c544bd06a7bf5de8f484fb14250e34ad0237
-
SHA256
4aa6e55d6bec213d108f1fec755bbce549b6c8f5c1f3cdc40ebd14146e4d2a2a
-
SHA512
d6b3baca6592e2f709e92d761c7a2a89bdce88135a7982ea33c8a145a5e81f2b119df69fd3a62372a0107746e15fc74e8402c97465311dd77d78fcfb4e1957ca
-
SSDEEP
3072:TvoF4J/lzmmNgWEDMTbyWf8HtsUVmA3JYNCsmgoOQDut7yhVEu/jCWLPKYOhgvIU:Tvo6P6m2YTbyWUNgAFDht/dGLhQIrkJ
Malware Config
Targets
-
-
Target
4aa6e55d6bec213d108f1fec755bbce549b6c8f5c1f3cdc40ebd14146e4d2a2a
-
Size
288KB
-
MD5
170c6f65990be00ae9ac9cf010f5fbf4
-
SHA1
0116c544bd06a7bf5de8f484fb14250e34ad0237
-
SHA256
4aa6e55d6bec213d108f1fec755bbce549b6c8f5c1f3cdc40ebd14146e4d2a2a
-
SHA512
d6b3baca6592e2f709e92d761c7a2a89bdce88135a7982ea33c8a145a5e81f2b119df69fd3a62372a0107746e15fc74e8402c97465311dd77d78fcfb4e1957ca
-
SSDEEP
3072:TvoF4J/lzmmNgWEDMTbyWf8HtsUVmA3JYNCsmgoOQDut7yhVEu/jCWLPKYOhgvIU:Tvo6P6m2YTbyWUNgAFDht/dGLhQIrkJ
Score8/10-
Adds policy Run key to start application
-
Modifies Installed Components in the registry
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-