General
-
Target
684d9a6f22dbeaade18db4926d86c3eb4b0b92d01845c50d122e79df6fb33806
-
Size
167KB
-
Sample
221125-jlh61afc5x
-
MD5
98ef819f3d8f7c63fd64c818c575f54b
-
SHA1
b6f7dec83a2d7e7fc2b39f92797c17d839186291
-
SHA256
684d9a6f22dbeaade18db4926d86c3eb4b0b92d01845c50d122e79df6fb33806
-
SHA512
0e2cb23d3c8e1751dc187c200ba6dac8bd2c43366495d2728aa2eaecf81b70fae6394fbdf73c354ef7daf8e8668beb0ccd1994eeb94420c9d0d15c7299d07f8c
-
SSDEEP
3072:w6lLYNrblBWBcywybPj8J2QTHPl4c0FkTC6fUNRD5byFW:hIdfyb3WPlr0FkTCuUjD5uW
Static task
static1
Behavioral task
behavioral1
Sample
684d9a6f22dbeaade18db4926d86c3eb4b0b92d01845c50d122e79df6fb33806.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
684d9a6f22dbeaade18db4926d86c3eb4b0b92d01845c50d122e79df6fb33806.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
684d9a6f22dbeaade18db4926d86c3eb4b0b92d01845c50d122e79df6fb33806
Score
10/10
-
Adds policy Run key to start application
-
Blocklisted process makes network request
-
Disables taskbar notifications via registry modification
-
Deletes itself
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Suspicious use of SetThreadContext
-