General
-
Target
5460d559b800cf81b6e2406d2e30b27c11471d69e234ed1d64d5d0926fb9228e
-
Size
1.0MB
-
Sample
221125-k1xhlsfb44
-
MD5
a63d517c0e122e367e484cf75edbf34f
-
SHA1
f8538f5d687c5e36f05da55ea56c2ab8fb355b63
-
SHA256
5460d559b800cf81b6e2406d2e30b27c11471d69e234ed1d64d5d0926fb9228e
-
SHA512
c7a40453d2053be2b043e0e3359e13f3cbfd6bb357e72d853af040add9f1aaf33f6e7158b82fe8bd926cc94f1736a2be67ba48adae79b12ddc5972f9d634df69
-
SSDEEP
3072:aSsvihLlTQz9z71iURo2SJJmY6uFNcgifDbmeTXwVdBR:rsqhJMxzJiU5SeLmNSbmebW1
Static task
static1
Behavioral task
behavioral1
Sample
5460d559b800cf81b6e2406d2e30b27c11471d69e234ed1d64d5d0926fb9228e.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
5460d559b800cf81b6e2406d2e30b27c11471d69e234ed1d64d5d0926fb9228e.exe
Resource
win10v2004-20220901-en
Malware Config
Targets
-
-
Target
5460d559b800cf81b6e2406d2e30b27c11471d69e234ed1d64d5d0926fb9228e
-
Size
1.0MB
-
MD5
a63d517c0e122e367e484cf75edbf34f
-
SHA1
f8538f5d687c5e36f05da55ea56c2ab8fb355b63
-
SHA256
5460d559b800cf81b6e2406d2e30b27c11471d69e234ed1d64d5d0926fb9228e
-
SHA512
c7a40453d2053be2b043e0e3359e13f3cbfd6bb357e72d853af040add9f1aaf33f6e7158b82fe8bd926cc94f1736a2be67ba48adae79b12ddc5972f9d634df69
-
SSDEEP
3072:aSsvihLlTQz9z71iURo2SJJmY6uFNcgifDbmeTXwVdBR:rsqhJMxzJiU5SeLmNSbmebW1
Score10/10-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Adds policy Run key to start application
-
Executes dropped EXE
-
Sets file execution options in registry
-
Loads dropped DLL
-