General
-
Target
73826a30c843d893db56ab17e297b23440289724c83b90ee0c36bd74ff86e75e
-
Size
1.1MB
-
Sample
221125-lejv3aga37
-
MD5
9a403a1699c0d385339a52e6f9bcd0b6
-
SHA1
0917e5c0f4b22a73bb35439e5447dedb5f8b06a0
-
SHA256
73826a30c843d893db56ab17e297b23440289724c83b90ee0c36bd74ff86e75e
-
SHA512
d9db63c2c85b653c269ce78e3e24d3d5dfa10fad6e1a2b53d0e19a88aaa1ed697db1d86c2a3376899a8f7aa9bbbf7fe7ecc9b7a1dd1950192e135f83c352af0d
-
SSDEEP
3072:aSsvihLlTQz9z71iURo2SJJmY6uFNcgifDbmeTXwVdBR:rsqhJMxzJiU5SeLmNSbmebW1
Static task
static1
Behavioral task
behavioral1
Sample
73826a30c843d893db56ab17e297b23440289724c83b90ee0c36bd74ff86e75e.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
73826a30c843d893db56ab17e297b23440289724c83b90ee0c36bd74ff86e75e.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
73826a30c843d893db56ab17e297b23440289724c83b90ee0c36bd74ff86e75e
-
Size
1.1MB
-
MD5
9a403a1699c0d385339a52e6f9bcd0b6
-
SHA1
0917e5c0f4b22a73bb35439e5447dedb5f8b06a0
-
SHA256
73826a30c843d893db56ab17e297b23440289724c83b90ee0c36bd74ff86e75e
-
SHA512
d9db63c2c85b653c269ce78e3e24d3d5dfa10fad6e1a2b53d0e19a88aaa1ed697db1d86c2a3376899a8f7aa9bbbf7fe7ecc9b7a1dd1950192e135f83c352af0d
-
SSDEEP
3072:aSsvihLlTQz9z71iURo2SJJmY6uFNcgifDbmeTXwVdBR:rsqhJMxzJiU5SeLmNSbmebW1
Score10/10-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Adds policy Run key to start application
-
Executes dropped EXE
-
Sets file execution options in registry
-
Loads dropped DLL
-