General
-
Target
42d2c24e492154147631ad8360d730bc01bfb8e1f057563b5ba96fac199c438f
-
Size
394KB
-
Sample
221125-lljtmsgd55
-
MD5
0c985eba4c824c943dfd05035bc4eef1
-
SHA1
f5ba7a99bc283a5cc527c9e978986e7efad1b4f0
-
SHA256
42d2c24e492154147631ad8360d730bc01bfb8e1f057563b5ba96fac199c438f
-
SHA512
3b69bbcd67456cfb326e432016d7c292746cb8ef5897ab2bb3322452b7424189713d944ee3f768cb8c320db805c6de1c634e980549c806d41724e02e07b43bd9
-
SSDEEP
3072:dSsvihLlTQz9z71iURo2SJJmY6uFNcgifDbMtJyVdyw:ssqhJMxzJiU5SeLmNSbMtJU5
Static task
static1
Behavioral task
behavioral1
Sample
42d2c24e492154147631ad8360d730bc01bfb8e1f057563b5ba96fac199c438f.exe
Resource
win7-20220812-en
Malware Config
Targets
-
-
Target
42d2c24e492154147631ad8360d730bc01bfb8e1f057563b5ba96fac199c438f
-
Size
394KB
-
MD5
0c985eba4c824c943dfd05035bc4eef1
-
SHA1
f5ba7a99bc283a5cc527c9e978986e7efad1b4f0
-
SHA256
42d2c24e492154147631ad8360d730bc01bfb8e1f057563b5ba96fac199c438f
-
SHA512
3b69bbcd67456cfb326e432016d7c292746cb8ef5897ab2bb3322452b7424189713d944ee3f768cb8c320db805c6de1c634e980549c806d41724e02e07b43bd9
-
SSDEEP
3072:dSsvihLlTQz9z71iURo2SJJmY6uFNcgifDbMtJyVdyw:ssqhJMxzJiU5SeLmNSbMtJU5
Score10/10-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Adds policy Run key to start application
-
Executes dropped EXE
-
Sets file execution options in registry
-
Drops startup file
-
Loads dropped DLL
-