General
-
Target
9a10caf26716950274b4067ec83260082056f0f56aadab34343c33c43cbceebd
-
Size
103KB
-
Sample
221125-h7528aec4t
-
MD5
bc88e247a019a8e7511643fe7c7f4556
-
SHA1
759ccedba0508f0db7bf66500d6fbd8f72e7daab
-
SHA256
9a10caf26716950274b4067ec83260082056f0f56aadab34343c33c43cbceebd
-
SHA512
160e5eb1aeb0ef87898a05ef444440efed8ac0d7e74bdc722e2d983e9b1b1afcdd25950cbfda1ac730d121c0b158b83115c039acdf438dcd0259fb43fb1f4611
-
SSDEEP
3072:lta0RnzfhaC9+Ofplzc1Xn0sOISVu1RERK/hs:rFF9NvcRnyISoiRi
Static task
static1
Behavioral task
behavioral1
Sample
9a10caf26716950274b4067ec83260082056f0f56aadab34343c33c43cbceebd.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
9a10caf26716950274b4067ec83260082056f0f56aadab34343c33c43cbceebd.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
Target
9a10caf26716950274b4067ec83260082056f0f56aadab34343c33c43cbceebd
Score
10/10
-
Modifies WinLogon for persistence
-
NetWire RAT payload
-
Modifies Installed Components in the registry
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-