General
-
Target
bac656d231228951da95598955b26e5e96204226ca6d5861456a53b3e6c8d5a2
-
Size
4.0MB
-
Sample
221129-t76vasad8v
-
MD5
c3679f83359ed6cd25cbd4571fa5f936
-
SHA1
80dbc038b067e08fd4df1029883a2689f14c3b91
-
SHA256
bac656d231228951da95598955b26e5e96204226ca6d5861456a53b3e6c8d5a2
-
SHA512
4b2faf20cb8fcf6d1d26d50168230dbe3b9258c5f62e292c5260f38ee1e395dedac6952710015415bd9979b7bb8beb8094e6439ac2d46291b3de8c7c94dcc471
-
SSDEEP
98304:NCOb6eX8O55MtK/D8z1KHchr3tRqHoJ2SpiZ+Hp3a/:8kX5v/LchjtRqH4piZMa/
Static task
static1
Behavioral task
behavioral1
Sample
bac656d231228951da95598955b26e5e96204226ca6d5861456a53b3e6c8d5a2.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
Target
bac656d231228951da95598955b26e5e96204226ca6d5861456a53b3e6c8d5a2
Score
10/10
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Adds Run key to start application
-