General
-
Target
6909ba3d32e35efbf1710839ffd611e05c35aea8492b3611a8ac999e65f78472
-
Size
533KB
-
Sample
221125-kvlh6aab8s
-
MD5
8b9b3e8175fe8a11c442f19e1fd55e65
-
SHA1
8de36ddfdecbc0189449d8e2fa9394c9552c2c93
-
SHA256
6909ba3d32e35efbf1710839ffd611e05c35aea8492b3611a8ac999e65f78472
-
SHA512
7bf6062f6c64e53a44803cc84fc849db75b5537264f2a5e849912bb870304893df7d5c59d665dc4b906cccfa31238437054140487aad48124213854c8e5278f0
-
SSDEEP
3072:aSsvihLlTQz9z71iURo2SJJmY6uFNcgifDbmeTXwVdBR:rsqhJMxzJiU5SeLmNSbmebW1
Static task
static1
Behavioral task
behavioral1
Sample
6909ba3d32e35efbf1710839ffd611e05c35aea8492b3611a8ac999e65f78472.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
6909ba3d32e35efbf1710839ffd611e05c35aea8492b3611a8ac999e65f78472.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
6909ba3d32e35efbf1710839ffd611e05c35aea8492b3611a8ac999e65f78472
-
Size
533KB
-
MD5
8b9b3e8175fe8a11c442f19e1fd55e65
-
SHA1
8de36ddfdecbc0189449d8e2fa9394c9552c2c93
-
SHA256
6909ba3d32e35efbf1710839ffd611e05c35aea8492b3611a8ac999e65f78472
-
SHA512
7bf6062f6c64e53a44803cc84fc849db75b5537264f2a5e849912bb870304893df7d5c59d665dc4b906cccfa31238437054140487aad48124213854c8e5278f0
-
SSDEEP
3072:aSsvihLlTQz9z71iURo2SJJmY6uFNcgifDbmeTXwVdBR:rsqhJMxzJiU5SeLmNSbmebW1
Score10/10-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Adds policy Run key to start application
-
Executes dropped EXE
-
Sets file execution options in registry
-
Drops startup file
-
Loads dropped DLL
-