General
-
Target
e2d3cf0aec8c3d8f574c1cdab228c96040aa9c180212afa56c5fd2b0406079be
-
Size
127KB
-
Sample
221125-pshfyabh8w
-
MD5
89a2f641a8e54d7ab11b231581220687
-
SHA1
dce172d2dec8e22283b97c33041c4cbaf5c97365
-
SHA256
e2d3cf0aec8c3d8f574c1cdab228c96040aa9c180212afa56c5fd2b0406079be
-
SHA512
a8819049ec422417df4b2e2519ceb47138a96a3458ad184436b2bf45262035758a7ee799b0b719aa804b54c54c19f86756889e9fc1185a8230a03fa467018e5a
-
SSDEEP
3072:/a/f9+6025F8Q086q29cvbs2SKuvAtHaln:/aX9+z4KQD29cvbmvAwln
Static task
static1
Behavioral task
behavioral1
Sample
e2d3cf0aec8c3d8f574c1cdab228c96040aa9c180212afa56c5fd2b0406079be.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
e2d3cf0aec8c3d8f574c1cdab228c96040aa9c180212afa56c5fd2b0406079be.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
Target
e2d3cf0aec8c3d8f574c1cdab228c96040aa9c180212afa56c5fd2b0406079be
-
Score
10/10
-
Modifies firewall policy service
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-