General
-
Target
ccb24cdcb25808cded90c899cd54fb82ba249424780bb0e96921cc9efd042abf
-
Size
691KB
-
Sample
221202-r3gcqsgb39
-
MD5
e6b7474347695e45dbd9fd376522c216
-
SHA1
7dd59e21a53eff959c2dab1e291eb59d81ce489f
-
SHA256
ccb24cdcb25808cded90c899cd54fb82ba249424780bb0e96921cc9efd042abf
-
SHA512
6d3a0cbe0c3fb2d96c172fdd67691aa65bd487baa91a6cc36a951349d0be5ba37c642a36754eca6f2a1221b705e8a599993371f517dac8de25dce5bbb484a711
-
SSDEEP
12288:C9AFlAd0Z+89cxTGzO4AucTD8QP2lmFSrVs9LqnKD:wAQ6Zx9cxTmOrucTIEFSpOG
Behavioral task
behavioral1
Sample
ccb24cdcb25808cded90c899cd54fb82ba249424780bb0e96921cc9efd042abf.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
ccb24cdcb25808cded90c899cd54fb82ba249424780bb0e96921cc9efd042abf.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
ccb24cdcb25808cded90c899cd54fb82ba249424780bb0e96921cc9efd042abf
-
Size
691KB
-
MD5
e6b7474347695e45dbd9fd376522c216
-
SHA1
7dd59e21a53eff959c2dab1e291eb59d81ce489f
-
SHA256
ccb24cdcb25808cded90c899cd54fb82ba249424780bb0e96921cc9efd042abf
-
SHA512
6d3a0cbe0c3fb2d96c172fdd67691aa65bd487baa91a6cc36a951349d0be5ba37c642a36754eca6f2a1221b705e8a599993371f517dac8de25dce5bbb484a711
-
SSDEEP
12288:C9AFlAd0Z+89cxTGzO4AucTD8QP2lmFSrVs9LqnKD:wAQ6Zx9cxTmOrucTIEFSpOG
Score10/10-
Modifies WinLogon for persistence
-
Modifies security service
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Deletes itself
-
Adds Run key to start application
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-