General
Target: fcf9dc0f5c06bbe1c0487601059d8d6b645c161fc3f60b884fc03d5618b2c6cd
Size: 2.0MB
Sample: 221125-laltvsbb9t
MD5: 70aa7b630a72ead99360bf588efbd99c
SHA1: 40349aa11b3e2f7c61e01f6457d88e205de2a673
SHA256: fcf9dc0f5c06bbe1c0487601059d8d6b645c161fc3f60b884fc03d5618b2c6cd
SHA512: 274373875fe437754ef4481b034a9ef05533f6f7ce8c237bec3a629077d0f0def1cf8ff71304855390a3dbff0262529f7d243c3efc9c7502f265d0dc26bf5f10
SSDEEP: 3072:aSsvihLlTQz9z71iURo2SJJmY6uFNcgifDbmeTXwVdBR:rsqhJMxzJiU5SeLmNSbmebW1
Static task: static1
Behavioral task: behavioral1
Sample: fcf9dc0f5c06bbe1c0487601059d8d6b645c161fc3f60b884fc03d5618b2c6cd.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: fcf9dc0f5c06bbe1c0487601059d8d6b645c161fc3f60b884fc03d5618b2c6cd.exe
Resource: win10v2004-20220812-en
Malware Config
Targets
Target: fcf9dc0f5c06bbe1c0487601059d8d6b645c161fc3f60b884fc03d5618b2c6cd
Score: 10/10
Suspicious use of NtCreateUserProcessOtherParentProcess
Adds policy Run key to start application
Executes dropped EXE
Sets file execution options in registry
Drops startup file
Loads dropped DLL