General
-
Target
68e13d12273780f9fff621947ebcec70.exe
-
Size
1.0MB
-
Sample
221123-xgxeqaaa2t
-
MD5
68e13d12273780f9fff621947ebcec70
-
SHA1
2138ad56054273073df614dba3800e3a92292c31
-
SHA256
ae75ea24367ee8472c936fd70cbc4428fb83ec546f2cc17def3c95cbf6abd67e
-
SHA512
4a2df5bbbafabb1ae120d4e9ea1a1b90473c42812f5059df63b7b4eaab48408b0bbe712a79ea79c43fc9ee5fe09da89be1f23fc85f296569f4a6d03c5cdf21d7
-
SSDEEP
24576:YuDLYe9wBCwOoSknrA6xNJ7IRjNw77KtENfla27N5KN:YgLlwYwOoJA3w7xvPKN
Malware Config
Targets
-
-
Target
68e13d12273780f9fff621947ebcec70.exe
-
Size
1.0MB
-
MD5
68e13d12273780f9fff621947ebcec70
-
SHA1
2138ad56054273073df614dba3800e3a92292c31
-
SHA256
ae75ea24367ee8472c936fd70cbc4428fb83ec546f2cc17def3c95cbf6abd67e
-
SHA512
4a2df5bbbafabb1ae120d4e9ea1a1b90473c42812f5059df63b7b4eaab48408b0bbe712a79ea79c43fc9ee5fe09da89be1f23fc85f296569f4a6d03c5cdf21d7
-
SSDEEP
24576:YuDLYe9wBCwOoSknrA6xNJ7IRjNw77KtENfla27N5KN:YgLlwYwOoJA3w7xvPKN
Score8/10-
Blocklisted process makes network request
-
Sets DLL path for service in the registry
-
Sets service image path in registry
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-