General
-
Target
054658904a19e8864e90f1e125c92530d57a2d911dafa7fd97eb45d8856922db
-
Size
1004KB
-
Sample
221218-1cj6dagg21
-
MD5
1a8e406d5c8ee2782bef58cedc387bca
-
SHA1
d8f8eb4a2245e0688d031f511a04c0d219f94356
-
SHA256
054658904a19e8864e90f1e125c92530d57a2d911dafa7fd97eb45d8856922db
-
SHA512
72f216529ec432d525e1843cfaf77f0109a37e429042d0f19ea2acd3ecacdd5728d8410de2c76c1e20b39ee060f693ad1827dce83f75deb043692d9d06b8b6a9
-
SSDEEP
24576:xIx3Z40aPvEYPgLOI8Z1R1ZEvyTA+7DPKMbUAbkznKYbXF:KJuvrg6I8dhA+3hUYkrJX
Static task
static1
Behavioral task
behavioral1
Sample
054658904a19e8864e90f1e125c92530d57a2d911dafa7fd97eb45d8856922db.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
Blocklisted process makes network request
-
Sets DLL path for service in the registry
-
Sets service image path in registry
-
Loads dropped DLL
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-