General
-
Target
4cf91235020eae322d8591d850d3982eb7f6bd18fb2838d322adbfd620c0924f
-
Size
1.3MB
-
Sample
221125-kbk4aade94
-
MD5
de0a6c3bd90ba04ba7e222c2342eb83d
-
SHA1
596731db56a389b656f6cb1557aac8965f8f20e6
-
SHA256
4cf91235020eae322d8591d850d3982eb7f6bd18fb2838d322adbfd620c0924f
-
SHA512
aa8b78be9ba123cb81437b9dfde7835fc2243c677fb278e7093727c322cd6b73df0e9da0e18f23e0629caee8326bc8aeea4aec7c4a1c73be339ff19065198bd4
-
SSDEEP
3072:aSsvihLlTQz9z71iURo2SJJmY6uFNcgifDbmeTXwVdBR:rsqhJMxzJiU5SeLmNSbmebW1
Static task
static1
Behavioral task
behavioral1
Sample
4cf91235020eae322d8591d850d3982eb7f6bd18fb2838d322adbfd620c0924f.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
4cf91235020eae322d8591d850d3982eb7f6bd18fb2838d322adbfd620c0924f.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
4cf91235020eae322d8591d850d3982eb7f6bd18fb2838d322adbfd620c0924f
-
Size
1.3MB
-
MD5
de0a6c3bd90ba04ba7e222c2342eb83d
-
SHA1
596731db56a389b656f6cb1557aac8965f8f20e6
-
SHA256
4cf91235020eae322d8591d850d3982eb7f6bd18fb2838d322adbfd620c0924f
-
SHA512
aa8b78be9ba123cb81437b9dfde7835fc2243c677fb278e7093727c322cd6b73df0e9da0e18f23e0629caee8326bc8aeea4aec7c4a1c73be339ff19065198bd4
-
SSDEEP
3072:aSsvihLlTQz9z71iURo2SJJmY6uFNcgifDbmeTXwVdBR:rsqhJMxzJiU5SeLmNSbmebW1
Score10/10-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Adds policy Run key to start application
-
Executes dropped EXE
-
Sets file execution options in registry
-
Drops startup file
-
Loads dropped DLL
-