General
-
Target
6601ce8be61245bf5b8ea180983597fea45cb7d59244ad65d8891af56d330c97
-
Size
62KB
-
Sample
221125-rxk4qshc5x
-
MD5
cca476e0ceb840617c1b113336be0aed
-
SHA1
65cb649e7d52eefddedf5099d15e86c16a8d8ef4
-
SHA256
6601ce8be61245bf5b8ea180983597fea45cb7d59244ad65d8891af56d330c97
-
SHA512
46662e27c3fb8fae5d8777da90c6801130a7f4299753892bb6da63974fbcc55eedf277cf52d3c1d97b743133cb5a7db01399f0d22796cab569194fc19b83bb68
-
SSDEEP
1536:/4UHxpN/MUXsLTvCj0DBXJaObAlWSXmuWWhADAgvnB/hqx:/4URpNUUX6z/DBXJfbAlWSXmuWW4Agva
Static task
static1
Behavioral task
behavioral1
Sample
6601ce8be61245bf5b8ea180983597fea45cb7d59244ad65d8891af56d330c97.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
6601ce8be61245bf5b8ea180983597fea45cb7d59244ad65d8891af56d330c97.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
6601ce8be61245bf5b8ea180983597fea45cb7d59244ad65d8891af56d330c97
-
Score
8/10
-
Adds policy Run key to start application
-
Deletes itself
-
Loads dropped DLL
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Suspicious use of SetThreadContext
-