General
-
Target
bedb66c0ebe27be39d96f9b548e5d724aa62e4f52e23cb032e4a3bc6c404757a
-
Size
977KB
-
Sample
221127-jzq4rsfb81
-
MD5
607b7bfda2d129d77463ecccedef53ab
-
SHA1
cfb86ae9a37ec8e227c7b7a0436053c9c009ddb7
-
SHA256
bedb66c0ebe27be39d96f9b548e5d724aa62e4f52e23cb032e4a3bc6c404757a
-
SHA512
3bf86da66074e97362fafd83c32ba5ed454c1194fbbd3759dfc5635ddca2ed880ee4764826bf5f48638f03b0514b293177a7e1cdad4fdb003bc55360bf6a9b36
-
SSDEEP
24576:8DbR+62ot7uWbnZbQKP5DYy7CuMv3ivjgRlpwxVGcMw1bQ:8DN+62oIWjZbx537CuMvivjgRiVgw0
Static task
static1
Behavioral task
behavioral1
Sample
bedb66c0ebe27be39d96f9b548e5d724aa62e4f52e23cb032e4a3bc6c404757a.exe
Resource
win10-20220812-en
Malware Config
Targets
-
-
Target
bedb66c0ebe27be39d96f9b548e5d724aa62e4f52e23cb032e4a3bc6c404757a
Score
8/10
-
Blocklisted process makes network request
-
Sets DLL path for service in the registry
-
Sets service image path in registry
-
Loads dropped DLL
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-