General
-
Target
b5970ed558461a6f17512c70fb4f2e5c28b40914389e28aa2f0bb67e87f521a4
-
Size
318KB
-
Sample
221125-k2cjtsfb62
-
MD5
c38674135a648df803c2253f03dbc454
-
SHA1
804fe6541d91f493498b9a464faa58d60011b434
-
SHA256
b5970ed558461a6f17512c70fb4f2e5c28b40914389e28aa2f0bb67e87f521a4
-
SHA512
e44db875a786d239454f099500645fdd1cac22f6ed3333594148843b4d84f7cc87bba5c82b6ab10dd29e9fb513f0c5bcbfe322528358ec0b76e88b53a1a0f265
-
SSDEEP
3072:dSsvihLlTQz9z71iURo2SJJmY6uFNcgifDbMtJyVdyw:ssqhJMxzJiU5SeLmNSbMtJU5
Static task
static1
Behavioral task
behavioral1
Sample
b5970ed558461a6f17512c70fb4f2e5c28b40914389e28aa2f0bb67e87f521a4.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
b5970ed558461a6f17512c70fb4f2e5c28b40914389e28aa2f0bb67e87f521a4.exe
Resource
win10v2004-20220901-en
Malware Config
Targets
-
-
Target
b5970ed558461a6f17512c70fb4f2e5c28b40914389e28aa2f0bb67e87f521a4
-
Size
318KB
-
MD5
c38674135a648df803c2253f03dbc454
-
SHA1
804fe6541d91f493498b9a464faa58d60011b434
-
SHA256
b5970ed558461a6f17512c70fb4f2e5c28b40914389e28aa2f0bb67e87f521a4
-
SHA512
e44db875a786d239454f099500645fdd1cac22f6ed3333594148843b4d84f7cc87bba5c82b6ab10dd29e9fb513f0c5bcbfe322528358ec0b76e88b53a1a0f265
-
SSDEEP
3072:dSsvihLlTQz9z71iURo2SJJmY6uFNcgifDbMtJyVdyw:ssqhJMxzJiU5SeLmNSbMtJU5
Score10/10-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Adds policy Run key to start application
-
Executes dropped EXE
-
Sets file execution options in registry
-
Drops startup file
-
Loads dropped DLL
-