General
Target: 662a375950d1b16ceb51ea7d50fbaa9121f087d7d148d3be65705a2c4b8b3d08
Size: 146KB
Sample: 221126-k2zpcsfg69
MD5: 1fd5ff320a44cfc6d33a505c24efa590
SHA1: 6db5b5667f7861e163344f95ec9f0f3616d14130
SHA256: 662a375950d1b16ceb51ea7d50fbaa9121f087d7d148d3be65705a2c4b8b3d08
SHA512: 83177f1f72249deaca68249ee5b2f4b755dd0481fb7b24c55f3f28183d5b54edf40f4e330bb00156210eea1f6d73414474df4f3b5b8b69cb14150d058983c29d
SSDEEP: 3072:/EBurucqyxil650IRnGOamWe3BYL7aoBUSl3X:cVcqd6Bg7aj+n
Static task: static1
Behavioral task: behavioral1
Sample: 662a375950d1b16ceb51ea7d50fbaa9121f087d7d148d3be65705a2c4b8b3d08.exe
Resource: win10-20220812-en
Malware Config
Extracted
tofsee
svartalfheim.top
jotunheim.name
Targets
Target: 662a375950d1b16ceb51ea7d50fbaa9121f087d7d148d3be65705a2c4b8b3d08
Score: 10/10
Creates new service(s)
Executes dropped EXE
Modifies Windows Firewall
Sets service image path in registry
Deletes itself
Suspicious use of SetThreadContext