General
-
Target
1e76d0dbaee5eecef455dd389f2d1aa92c2c4f3b6779aed549d9e0e36404bdb7
-
Size
1.5MB
-
Sample
221127-zfhw2sgb92
-
MD5
0bc30baf32320b3b5fef7f2811457831
-
SHA1
d984a9a406c12e219a4ec2d4b7c591262ae50637
-
SHA256
1e76d0dbaee5eecef455dd389f2d1aa92c2c4f3b6779aed549d9e0e36404bdb7
-
SHA512
ad0a450bcb5bc808d224d468e8130b99c7a51091e6a6f414e4fbca09e6ba632feafe102b8d8f0c2744f27075dbf6ac1d7ea3f9cbc3fb82de177ca20edf724ea6
-
SSDEEP
24576:KFkvtkm+6Ewq1Kh3CZuP/+Sj+L/Ny4m+GY0Mja4Rnri2oWxHSucn1XmhZXKTeFfL:K+l3WiKy/+GbQRloWdtaT8aM
Static task
static1
Behavioral task
behavioral1
Sample
1e76d0dbaee5eecef455dd389f2d1aa92c2c4f3b6779aed549d9e0e36404bdb7.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
1e76d0dbaee5eecef455dd389f2d1aa92c2c4f3b6779aed549d9e0e36404bdb7.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
Score
8/10
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-