General
-
Target
12ccf80129469d1b6acc8feed64f989d98dc74725b9e562a5be7cc0db27c6a91
-
Size
1.3MB
-
Sample
221125-kxjgksac71
-
MD5
b709fe0a934ea6ff67b4381f59df3e94
-
SHA1
fbc7b851bc8ba989ba072aad6d41a989e2942baf
-
SHA256
12ccf80129469d1b6acc8feed64f989d98dc74725b9e562a5be7cc0db27c6a91
-
SHA512
e64d432a3cc9a9fdc12678e0e984c1cf50d6474dc65c9d1f7dc8bd341e37ffd8e715757c2ac9d2477e47d4db1fa949a30250eda111d7a1232b87cdc1343d9c8f
-
SSDEEP
3072:aSsvihLlTQz9z71iURo2SJJmY6uFNcgifDbmeTXwVdBR:rsqhJMxzJiU5SeLmNSbmebW1
Static task
static1
Behavioral task
behavioral1
Sample
12ccf80129469d1b6acc8feed64f989d98dc74725b9e562a5be7cc0db27c6a91.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
12ccf80129469d1b6acc8feed64f989d98dc74725b9e562a5be7cc0db27c6a91.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
Target
12ccf80129469d1b6acc8feed64f989d98dc74725b9e562a5be7cc0db27c6a91
Score
10/10
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Adds policy Run key to start application
-
Executes dropped EXE
-
Sets file execution options in registry
-
Drops startup file
-
Loads dropped DLL