General
-
Target
808bcbf367c67385e00e9d54cdfed9d99b449b25bcbe50a2015044065370d6da
-
Size
2.1MB
-
Sample
221125-krtqcsaa6t
-
MD5
b322484e73005048a50faa38667754b7
-
SHA1
b177d083b24fda398aa1f496ee69bafa7525a3a3
-
SHA256
808bcbf367c67385e00e9d54cdfed9d99b449b25bcbe50a2015044065370d6da
-
SHA512
a7c46b90ce90103a88677f4613afaa30c7e38b4bdbc067b38f747a1b5c550a23b7678bda977282f07aa7be3f55f76f61c0a42de0081ad4694e8cd6a06e711b24
-
SSDEEP
3072:aSsvihLlTQz9z71iURo2SJJmY6uFNcgifDbmeTXwVdBR:rsqhJMxzJiU5SeLmNSbmebW1
Static task
static1
Behavioral task
behavioral1
Sample
808bcbf367c67385e00e9d54cdfed9d99b449b25bcbe50a2015044065370d6da.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
808bcbf367c67385e00e9d54cdfed9d99b449b25bcbe50a2015044065370d6da.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
808bcbf367c67385e00e9d54cdfed9d99b449b25bcbe50a2015044065370d6da
-
Size
2.1MB
-
MD5
b322484e73005048a50faa38667754b7
-
SHA1
b177d083b24fda398aa1f496ee69bafa7525a3a3
-
SHA256
808bcbf367c67385e00e9d54cdfed9d99b449b25bcbe50a2015044065370d6da
-
SHA512
a7c46b90ce90103a88677f4613afaa30c7e38b4bdbc067b38f747a1b5c550a23b7678bda977282f07aa7be3f55f76f61c0a42de0081ad4694e8cd6a06e711b24
-
SSDEEP
3072:aSsvihLlTQz9z71iURo2SJJmY6uFNcgifDbmeTXwVdBR:rsqhJMxzJiU5SeLmNSbmebW1
Score10/10-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Adds policy Run key to start application
-
Executes dropped EXE
-
Sets file execution options in registry
-
Drops startup file
-
Loads dropped DLL
-