General
-
Target
b52596e423a7ca9294f4b7f8c634687b1760828176f286f3cf96f2859b5fd508
-
Size
724KB
-
Sample
221125-krv87aaa6w
-
MD5
431cb076190eab9926c375b75ef3b251
-
SHA1
adcb489a32d0aa3e91fb2e866d1666355fd2761d
-
SHA256
b52596e423a7ca9294f4b7f8c634687b1760828176f286f3cf96f2859b5fd508
-
SHA512
b605459a332e445472b61c63a70351606e1e1e13bdd7ecfa68ad4bdd63a596ea033e818227b68f29b1c2d7c06b47226724db96dfebc121b07c512896328c32e5
-
SSDEEP
3072:aSsvihLlTQz9z71iURo2SJJmY6uFNcgifDbmeTXwVdBR:rsqhJMxzJiU5SeLmNSbmebW1
Static task
static1
Behavioral task
behavioral1
Sample
b52596e423a7ca9294f4b7f8c634687b1760828176f286f3cf96f2859b5fd508.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
b52596e423a7ca9294f4b7f8c634687b1760828176f286f3cf96f2859b5fd508.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
b52596e423a7ca9294f4b7f8c634687b1760828176f286f3cf96f2859b5fd508
-
Size
724KB
-
MD5
431cb076190eab9926c375b75ef3b251
-
SHA1
adcb489a32d0aa3e91fb2e866d1666355fd2761d
-
SHA256
b52596e423a7ca9294f4b7f8c634687b1760828176f286f3cf96f2859b5fd508
-
SHA512
b605459a332e445472b61c63a70351606e1e1e13bdd7ecfa68ad4bdd63a596ea033e818227b68f29b1c2d7c06b47226724db96dfebc121b07c512896328c32e5
-
SSDEEP
3072:aSsvihLlTQz9z71iURo2SJJmY6uFNcgifDbmeTXwVdBR:rsqhJMxzJiU5SeLmNSbmebW1
Score10/10-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Adds policy Run key to start application
-
Executes dropped EXE
-
Sets file execution options in registry
-
Loads dropped DLL
-