General
-
Target
80f66ebcdc07f8764f49c07a12dedf425220cba0af875bb686a2ed24ac8a7df8
-
Size
77KB
-
Sample
221125-jeej8sbc52
-
MD5
3e23b4ab0b776788a16298033145250a
-
SHA1
7eb8ef4fd8f8ecd564540f05eb4ca94242537816
-
SHA256
80f66ebcdc07f8764f49c07a12dedf425220cba0af875bb686a2ed24ac8a7df8
-
SHA512
afbf533ea4aef27193c611a6b1b9d19c3a867ab230d9b872ed57fe70b579099d191b989405ed11ced9cf685723bfdb8b0507effe702cdd01c9f2a9958b0c79fe
-
SSDEEP
768:TkGG+pe9oIQtg9vWJ5OLxQ6uqLuo6Gz1WrkKI7+fvUVSZ2:Tque2tM+qDVVaS+2
Static task
static1
Behavioral task
behavioral1
Sample
80f66ebcdc07f8764f49c07a12dedf425220cba0af875bb686a2ed24ac8a7df8.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
80f66ebcdc07f8764f49c07a12dedf425220cba0af875bb686a2ed24ac8a7df8.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
Target
80f66ebcdc07f8764f49c07a12dedf425220cba0af875bb686a2ed24ac8a7df8
-
Score
8/10
-
Adds policy Run key to start application
-
Deletes itself
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Suspicious use of SetThreadContext
-