General
-
Target
ae5894c9cbb4f058f8aa40da8deebc44fb9772ab645a3df5d62cb23e8ef76d01
-
Size
1.8MB
-
Sample
221125-lee7wabe2z
-
MD5
ef9899724839613d026e95cb1a7fd60a
-
SHA1
b4325c37c26b27bbc1cba63e413c6ddf56e7f083
-
SHA256
ae5894c9cbb4f058f8aa40da8deebc44fb9772ab645a3df5d62cb23e8ef76d01
-
SHA512
5fe426c2f5e07678150936975415df1276e64203505bfb680d429834896b0ced4c1c09b51533b91acec0a31d86a345732b625ee40bb60c8acb6b5fbd787e083d
-
SSDEEP
3072:aSsvihLlTQz9z71iURo2SJJmY6uFNcgifDbmeTXwVdBR:rsqhJMxzJiU5SeLmNSbmebW1
Static task
static1
Behavioral task
behavioral1
Sample
ae5894c9cbb4f058f8aa40da8deebc44fb9772ab645a3df5d62cb23e8ef76d01.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
ae5894c9cbb4f058f8aa40da8deebc44fb9772ab645a3df5d62cb23e8ef76d01.exe
Resource
win10v2004-20220901-en
Malware Config
Targets
-
-
Target
ae5894c9cbb4f058f8aa40da8deebc44fb9772ab645a3df5d62cb23e8ef76d01
-
Size
1.8MB
-
MD5
ef9899724839613d026e95cb1a7fd60a
-
SHA1
b4325c37c26b27bbc1cba63e413c6ddf56e7f083
-
SHA256
ae5894c9cbb4f058f8aa40da8deebc44fb9772ab645a3df5d62cb23e8ef76d01
-
SHA512
5fe426c2f5e07678150936975415df1276e64203505bfb680d429834896b0ced4c1c09b51533b91acec0a31d86a345732b625ee40bb60c8acb6b5fbd787e083d
-
SSDEEP
3072:aSsvihLlTQz9z71iURo2SJJmY6uFNcgifDbmeTXwVdBR:rsqhJMxzJiU5SeLmNSbmebW1
Score10/10-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Adds policy Run key to start application
-
Executes dropped EXE
-
Sets file execution options in registry
-
Loads dropped DLL
-