General
-
Target
58ccb815d2b8bbe042fccf774df51326bb2abcabeb200030b9f8a76fc2c356f7
-
Size
879KB
-
Sample
221125-kvn92seg58
-
MD5
d175a6c575495a3bb75f1bfa25285a04
-
SHA1
c51bea21066224f55dcce7d5b3e1c54039edf701
-
SHA256
58ccb815d2b8bbe042fccf774df51326bb2abcabeb200030b9f8a76fc2c356f7
-
SHA512
e3018d4fc7f2179025691955f10dc2f110d94079664321722bfa7e6eae8aa48a5e22576ae88f0912a72948f6bd45a61bbbaa38020c3ad110802ebc90d8ec29cb
-
SSDEEP
3072:aSsvihLlTQz9z71iURo2SJJmY6uFNcgifDbmeTXwVdBR:rsqhJMxzJiU5SeLmNSbmebW1
Static task
static1
Behavioral task
behavioral1
Sample
58ccb815d2b8bbe042fccf774df51326bb2abcabeb200030b9f8a76fc2c356f7.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
58ccb815d2b8bbe042fccf774df51326bb2abcabeb200030b9f8a76fc2c356f7.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
58ccb815d2b8bbe042fccf774df51326bb2abcabeb200030b9f8a76fc2c356f7
-
Size
879KB
-
MD5
d175a6c575495a3bb75f1bfa25285a04
-
SHA1
c51bea21066224f55dcce7d5b3e1c54039edf701
-
SHA256
58ccb815d2b8bbe042fccf774df51326bb2abcabeb200030b9f8a76fc2c356f7
-
SHA512
e3018d4fc7f2179025691955f10dc2f110d94079664321722bfa7e6eae8aa48a5e22576ae88f0912a72948f6bd45a61bbbaa38020c3ad110802ebc90d8ec29cb
-
SSDEEP
3072:aSsvihLlTQz9z71iURo2SJJmY6uFNcgifDbmeTXwVdBR:rsqhJMxzJiU5SeLmNSbmebW1
Score10/10-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Adds policy Run key to start application
-
Executes dropped EXE
-
Sets file execution options in registry
-
Drops startup file
-
Loads dropped DLL
-