General
-
Target
743e675a250b9634e221ab133fd6505fe7c827ffb0606731350312152334bf42
-
Size
1.5MB
-
Sample
221125-j72kgadd29
-
MD5
877b8516824d428b408fb38a7d07ee3f
-
SHA1
6d2744c957a75938f585632a5edfbf85b81cfd78
-
SHA256
743e675a250b9634e221ab133fd6505fe7c827ffb0606731350312152334bf42
-
SHA512
b073f3898798c0976bb88fac63a6ee8e3d81aa4af831cd085707d806117ad22a8189337c30d87be489b060e305ebe20bf778b23a6f4faead767dbd243ff1fc48
-
SSDEEP
3072:aSsvihLlTQz9z71iURo2SJJmY6uFNcgifDbmeTXwVdBR:rsqhJMxzJiU5SeLmNSbmebW1
Static task
static1
Behavioral task
behavioral1
Sample
743e675a250b9634e221ab133fd6505fe7c827ffb0606731350312152334bf42.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
743e675a250b9634e221ab133fd6505fe7c827ffb0606731350312152334bf42.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
Target
743e675a250b9634e221ab133fd6505fe7c827ffb0606731350312152334bf42
-
Score
10/10
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Adds policy Run key to start application
-
Executes dropped EXE
-
Sets file execution options in registry
-
Drops startup file
-
Loads dropped DLL
-