General
-
Target
ef33d38d61e0a474144d0c65d9c195fdcfd1cf755f3d8adc35b0ca665e247cef
-
Size
3.7MB
-
Sample
221128-mv1zysge77
-
MD5
17408d6bc2746fd8fdb3cd050c02530e
-
SHA1
d6141b60c37d6c20914d397f1ff38ea1b163a312
-
SHA256
ef33d38d61e0a474144d0c65d9c195fdcfd1cf755f3d8adc35b0ca665e247cef
-
SHA512
e9d3d988892f82b308f9c70936852f27c313aacde9c82798527933ee6a38ea5b51455598d49d144a6d521bae0d06c848cf2293b5c7073b42fc6faed3bf9668d0
-
SSDEEP
98304:18Sp9eQ3km1fDiOlJv4cN+BZh6MAfu+2TaKobC:18SLeQ3kmctcG9aKo
Static task
static1
Behavioral task
behavioral1
Sample
ef33d38d61e0a474144d0c65d9c195fdcfd1cf755f3d8adc35b0ca665e247cef.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
Target
ef33d38d61e0a474144d0c65d9c195fdcfd1cf755f3d8adc35b0ca665e247cef
-
Score
8/10
-
Blocklisted process makes network request
-
Loads dropped DLL
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-