General
Target: fb17777e718f2adc03db114f451282de316f96eba97841c8dff06614fbc4e254
Size: 976KB
Sample: 221126-lh1yrabc9w
MD5: 5a8a97f16321051d1c313b284c798bdb
SHA1: 73aa1fb21ad3f7baeac25b00927d2b9c7fdb35a9
SHA256: fb17777e718f2adc03db114f451282de316f96eba97841c8dff06614fbc4e254
SHA512: f33203a3ebaa65d56318ff2266f5e36819d2148a16c4cba4d47ee4a1576d800837acafc06c293dde45985c37b3acc0ad11a7e86c679b88681bb609327db2bde7
SSDEEP: 12288:yjDOET/hM0s51zHivMS++WBPKIxbxRoh2stp24In9L+00e/IZwO8dwGxxaWcuJdc:IDOENMZcMhK8tRobe/8CdHxa7uJUp7
Static task: static1
Behavioral task: behavioral1
Sample: fb17777e718f2adc03db114f451282de316f96eba97841c8dff06614fbc4e254.exe
Resource: win10-20220812-en
Malware Config
Targets
Target: fb17777e718f2adc03db114f451282de316f96eba97841c8dff06614fbc4e254
Score: 8/10
Blocklisted process makes network request
Sets DLL path for service in the registry
Sets service image path in registry
Loads dropped DLL
Accesses Microsoft Outlook accounts
Accesses Microsoft Outlook profiles
Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
Suspicious use of SetThreadContext