General
Target: 194ce016322f59f52ff8311a77b81847e8330667ddbb476862104e72e6fcb818
Size: 1.7MB
Sample: 221125-ldawrsfh66
MD5: 4a50ebb7357ed7ad2bdd2aa0b7adb247
SHA1: e95ead1ef996937878dafbc63ec1e2840dbc7b78
SHA256: 194ce016322f59f52ff8311a77b81847e8330667ddbb476862104e72e6fcb818
SHA512: b0d3edfe5903bc5a02b2ca264c03e0100b82f69260ee6cc68588e8f88346ed38b1ac17b9505c11255dd44d89c45bc0b4ae90e6ba846c9fb48c278692101b098e
SSDEEP: 3072:aSsvihLlTQz9z71iURo2SJJmY6uFNcgifDbmeTXwVdBR:rsqhJMxzJiU5SeLmNSbmebW1
Static task: static1
Behavioral task: behavioral1
Sample: 194ce016322f59f52ff8311a77b81847e8330667ddbb476862104e72e6fcb818.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 194ce016322f59f52ff8311a77b81847e8330667ddbb476862104e72e6fcb818.exe
Resource: win10v2004-20220901-en
Malware Config
Targets
Score: 10/10
Suspicious use of NtCreateUserProcessOtherParentProcess
Adds policy Run key to start application
Executes dropped EXE
Sets file execution options in registry
Drops startup file
Loads dropped DLL