General
-
Target
c8d141b0d0a157275bb4505cfe3fef75ef9d08f0738299a49be28a0329681f1a
-
Size
277KB
-
Sample
221202-gmsqqahh63
-
MD5
f45d7484b380f381a87585575c7db43a
-
SHA1
bf539ad755fe1524219d2c4ea59ab7f141b812ba
-
SHA256
c8d141b0d0a157275bb4505cfe3fef75ef9d08f0738299a49be28a0329681f1a
-
SHA512
4f818cec22ded75b20128891c7e5c6242cbb6e2da89e2909ffbef7257be894b0339389ad8d2fa451bfbf617e56a1dcab1c8c1ceeb01ca551b3d5ab2c4a5c597d
-
SSDEEP
6144:r+MLF21xnMnD4j/A2AO8E4rOKnuRjMgU:rJx27MD4jZU/uRQg
Static task
static1
Behavioral task
behavioral1
Sample
c8d141b0d0a157275bb4505cfe3fef75ef9d08f0738299a49be28a0329681f1a.exe
Resource
win10-20220812-en
Malware Config
Extracted
tofsee
svartalfheim.top
jotunheim.name
Targets
Score 10/10
-
Creates new service(s)
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Sets service image path in registry
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-