General
-
Target
af4515bb1ca19b5fdc2cf47391594cb4ca3f2c3063a1c703e4331e741d31e4fc
-
Size
167KB
-
Sample
221125-2jvq5afa3x
-
MD5
65e43f6b5f4bbf71f6ecab7473d5f169
-
SHA1
647be05e012efc56178c827e429208f773e7358c
-
SHA256
af4515bb1ca19b5fdc2cf47391594cb4ca3f2c3063a1c703e4331e741d31e4fc
-
SHA512
9da8f0b9be029a65d2971ccb936a0c0a08a33275f3260ac232f497744ba8bb088dd377a0aaf2c083cdc3d2bb0d1f39d9af19ac79f245276ce64c43fe1adb07c9
-
SSDEEP
3072:RPJ1pyY1u2XpS5VL7++e3BuFF9uOnWR0vkqNuG2:N0iZXh+eKFlWmk+u
Static task
static1
Behavioral task
behavioral1
Sample
af4515bb1ca19b5fdc2cf47391594cb4ca3f2c3063a1c703e4331e741d31e4fc.exe
Resource
win10-20220812-en
Malware Config
Extracted
tofsee
svartalfheim.top
jotunheim.name
Targets
-
-
Target
af4515bb1ca19b5fdc2cf47391594cb4ca3f2c3063a1c703e4331e741d31e4fc
-
Score
10/10
-
Creates new service(s)
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Sets service image path in registry
-
Deletes itself
-
Suspicious use of SetThreadContext
-