General
Target
c4320493869b5498f969a33eee5e15282c710546d965ed34c3fc141602666c3f
Size
847KB
Sample
221125-j8bqfagg8z
MD5
77afe9c66375cf5c6f5025a84c1193e8
SHA1
cbd31b93d244d13f84c9e6a507c52d2bb58a178c
SHA256
c4320493869b5498f969a33eee5e15282c710546d965ed34c3fc141602666c3f
SHA512
829c1623e25e658af27549ea6424cc14a0d78753f43918480437579cdc92fb7ab0110dd303568e018d6bf7f589c1bde4226569c818d61745d49ba854e727558c
SSDEEP
3072:aSsvihLlTQz9z71iURo2SJJmY6uFNcgifDbmeTXwVdBR:rsqhJMxzJiU5SeLmNSbmebW1
Static task
static1
Behavioral task
behavioral1
Sample
c4320493869b5498f969a33eee5e15282c710546d965ed34c3fc141602666c3f.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
c4320493869b5498f969a33eee5e15282c710546d965ed34c3fc141602666c3f.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
Score
10/10
Suspicious use of NtCreateUserProcessOtherParentProcess
Adds policy Run key to start application
Executes dropped EXE
Sets file execution options in registry
Loads dropped DLL