General
-
Target
60b74d0ec9fb51ab872ebc48ab29ee078d2b62a6424351af2fe003afc938eb97
-
Size
349KB
-
Sample
221202-qgsm7sba49
-
MD5
ba7386d6d719c25211922c8cbe33fd14
-
SHA1
cc56118f3b50f2e0bbb155808ef984365dd5c0b6
-
SHA256
60b74d0ec9fb51ab872ebc48ab29ee078d2b62a6424351af2fe003afc938eb97
-
SHA512
57a6e755b75b7a13419e95dd5a3d321d71bd5996f215a405904a5e8845e9660d52eb8547ded9a08f565e80868b7b620b24eade57176d7bd72d389b8bfff7d545
-
SSDEEP
6144:jMkI8LNAuDspPBtA4kiduxeIowNxuRjMgU:j7nFDse4k3AQsRQg
Static task
static1
Behavioral task
behavioral1
Sample
60b74d0ec9fb51ab872ebc48ab29ee078d2b62a6424351af2fe003afc938eb97.exe
Resource
win10-20220901-en
Malware Config
Extracted
tofsee
svartalfheim.top
jotunheim.name
Targets
-
-
Target
60b74d0ec9fb51ab872ebc48ab29ee078d2b62a6424351af2fe003afc938eb97
-
Size
349KB
-
MD5
ba7386d6d719c25211922c8cbe33fd14
-
SHA1
cc56118f3b50f2e0bbb155808ef984365dd5c0b6
-
SHA256
60b74d0ec9fb51ab872ebc48ab29ee078d2b62a6424351af2fe003afc938eb97
-
SHA512
57a6e755b75b7a13419e95dd5a3d321d71bd5996f215a405904a5e8845e9660d52eb8547ded9a08f565e80868b7b620b24eade57176d7bd72d389b8bfff7d545
-
SSDEEP
6144:jMkI8LNAuDspPBtA4kiduxeIowNxuRjMgU:j7nFDse4k3AQsRQg
Score10/10-
Creates new service(s)
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Sets service image path in registry
-
Deletes itself
-
Suspicious use of SetThreadContext
-