General
-
Target
e8940602d2bbd3f3ec5447e8bdbbf8cb9bdf3de0ecc0c9a28fc5be530c862bd3
-
Size
1.4MB
-
Sample
221125-lnebyage59
-
MD5
657490762b3af18de3c6ac4e75544172
-
SHA1
5ea5b9e41b3f59f486768b19c8347977384933a9
-
SHA256
e8940602d2bbd3f3ec5447e8bdbbf8cb9bdf3de0ecc0c9a28fc5be530c862bd3
-
SHA512
a46cd2da83c1433354e85c28d327e00fbe76845d33720dfd2140d80fdbf8ba09d8cf7f3d3d7cd4acc9671fb013ce164fdf9e35efd9b6af1b104f0b4f8f4c3c23
-
SSDEEP
3072:aSsvihLlTQz9z71iURo2SJJmY6uFNcgifDbmeTXwVdBR:rsqhJMxzJiU5SeLmNSbmebW1
Static task
static1
Behavioral task
behavioral1
Sample
e8940602d2bbd3f3ec5447e8bdbbf8cb9bdf3de0ecc0c9a28fc5be530c862bd3.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
e8940602d2bbd3f3ec5447e8bdbbf8cb9bdf3de0ecc0c9a28fc5be530c862bd3.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
e8940602d2bbd3f3ec5447e8bdbbf8cb9bdf3de0ecc0c9a28fc5be530c862bd3
-
Size
1.4MB
-
MD5
657490762b3af18de3c6ac4e75544172
-
SHA1
5ea5b9e41b3f59f486768b19c8347977384933a9
-
SHA256
e8940602d2bbd3f3ec5447e8bdbbf8cb9bdf3de0ecc0c9a28fc5be530c862bd3
-
SHA512
a46cd2da83c1433354e85c28d327e00fbe76845d33720dfd2140d80fdbf8ba09d8cf7f3d3d7cd4acc9671fb013ce164fdf9e35efd9b6af1b104f0b4f8f4c3c23
-
SSDEEP
3072:aSsvihLlTQz9z71iURo2SJJmY6uFNcgifDbmeTXwVdBR:rsqhJMxzJiU5SeLmNSbmebW1
Score10/10-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Adds policy Run key to start application
-
Executes dropped EXE
-
Sets file execution options in registry
-
Loads dropped DLL
-