General
-
Target
bcb72ffc7af798ea42e0ef8dc9617b736433a5667f9e88f96cfea5b24b796b0b
-
Size
500KB
-
Sample
221125-szlzgsbg3s
-
MD5
683ba16fc97a52c41c0c407a6b379fee
-
SHA1
797a88f51a8fc6b3f4fc1ee0a0fa1d8f691f088f
-
SHA256
bcb72ffc7af798ea42e0ef8dc9617b736433a5667f9e88f96cfea5b24b796b0b
-
SHA512
02686f40f85aac6efc1489d2e181a213dee2bbbb76a574f75c796e5a35b26f6b805bed3c91208c73327a0409866843f06cf6868359553273b779ad5974e2541d
-
SSDEEP
12288:XKBLWoD1fKBLWoD1anB9+LEh/TyiAgTwLTtkeVcEE9zSwZfTyQcj4Ihz6lvdKw3J:XKFD1fKFD1anB9+LEh/TyiAgTwLTtke8
Static task
static1
Behavioral task
behavioral1
Sample
bcb72ffc7af798ea42e0ef8dc9617b736433a5667f9e88f96cfea5b24b796b0b.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
bcb72ffc7af798ea42e0ef8dc9617b736433a5667f9e88f96cfea5b24b796b0b.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
bcb72ffc7af798ea42e0ef8dc9617b736433a5667f9e88f96cfea5b24b796b0b
Score
10/10
-
Modifies firewall policy service
-
Adds policy Run key to start application
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-