General
-
Target
b9b62d4efd53a9866a2cd84c16172af87508ae35607cfe18e9fe85b0dc16c91f
-
Size
1.3MB
-
Sample
221125-ka523ade74
-
MD5
16f59c62272b1343d309e3e1b0da7825
-
SHA1
bf82748483677a98195cb23e4f69dd098085ccbb
-
SHA256
b9b62d4efd53a9866a2cd84c16172af87508ae35607cfe18e9fe85b0dc16c91f
-
SHA512
400fa1e99e5a35666cbfd34eb65c0eaff1a22f64d23ab4a6437f75f77082335c6b02e5c6776e3e51d652cd8b7eb602d707045bd6c1b42b5ae17746e4c793df70
-
SSDEEP
3072:aSsvihLlTQz9z71iURo2SJJmY6uFNcgifDbmeTXwVdBR:rsqhJMxzJiU5SeLmNSbmebW1
Static task
static1
Behavioral task
behavioral1
Sample
b9b62d4efd53a9866a2cd84c16172af87508ae35607cfe18e9fe85b0dc16c91f.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
b9b62d4efd53a9866a2cd84c16172af87508ae35607cfe18e9fe85b0dc16c91f.exe
Resource
win10v2004-20220901-en
Malware Config
Targets
-
-
Target
b9b62d4efd53a9866a2cd84c16172af87508ae35607cfe18e9fe85b0dc16c91f
-
Size
1.3MB
-
MD5
16f59c62272b1343d309e3e1b0da7825
-
SHA1
bf82748483677a98195cb23e4f69dd098085ccbb
-
SHA256
b9b62d4efd53a9866a2cd84c16172af87508ae35607cfe18e9fe85b0dc16c91f
-
SHA512
400fa1e99e5a35666cbfd34eb65c0eaff1a22f64d23ab4a6437f75f77082335c6b02e5c6776e3e51d652cd8b7eb602d707045bd6c1b42b5ae17746e4c793df70
-
SSDEEP
3072:aSsvihLlTQz9z71iURo2SJJmY6uFNcgifDbmeTXwVdBR:rsqhJMxzJiU5SeLmNSbmebW1
Score10/10-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Adds policy Run key to start application
-
Executes dropped EXE
-
Sets file execution options in registry
-
Drops startup file
-
Loads dropped DLL
-