General
Target: 2811ebd416aa6057f0acd63980eb81452fc04d57901d2bb71f1f54b67d606814
Size: 122KB
Sample: 221125-pvywpscb4w
MD5: f5fca738eeb91bd105322677162325a9
SHA1: 8872b7fe0bd05e390ee70fb2f4c74c875ad07e4a
SHA256: 2811ebd416aa6057f0acd63980eb81452fc04d57901d2bb71f1f54b67d606814
SHA512: e8d2ecb37b95b813a3ba368e3706199751c74851e8fec5a3f3cd89ea4b5bb7de4619614af05438bbdd7f0237804d3dfd62df8e9290ade4c6b3f1b331052031dd
SSDEEP: 3072:WLD+1ReXDsoUfWBeDhzgzz5MYh/6srzGRLH:WLD1DsoUfceDhzgzJ/6sK
Static task: static1
Behavioral task: behavioral1
Sample: 2811ebd416aa6057f0acd63980eb81452fc04d57901d2bb71f1f54b67d606814.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 2811ebd416aa6057f0acd63980eb81452fc04d57901d2bb71f1f54b67d606814.exe
Resource: win10v2004-20220812-en
Malware Config
Targets
Target: 2811ebd416aa6057f0acd63980eb81452fc04d57901d2bb71f1f54b67d606814
Score: 10/10
Modifies firewall policy service
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Suspicious use of SetThreadContext