General
-
Target
622bf5a65f513feec269677d63e095bc14a81e4f0e4bd8d069ef56e869c3be6f
-
Size
1006KB
-
Sample
221219-bjgldsea47
-
MD5
6cb5f3f87eb396ca1f4f54195623f613
-
SHA1
1964c7e6de248841e6685fef3606d23c4ed77d1a
-
SHA256
622bf5a65f513feec269677d63e095bc14a81e4f0e4bd8d069ef56e869c3be6f
-
SHA512
f28e11828d991f8a77d8a9ac4f494c82440653925ce338f844aa3499de08235d1b7ce995d7c6de8f9c914c5a921f6d838594bb66fa1aa026fac2b6adddc980f6
-
SSDEEP
24576:9BlgOr2OqqWPF6SyaPHzC8Q4AS3gIlZUhFMYbXF:97gOrRqq8PymTCCx3bZGFLX
Static task
static1
Behavioral task
behavioral1
Sample
622bf5a65f513feec269677d63e095bc14a81e4f0e4bd8d069ef56e869c3be6f.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
Blocklisted process makes network request
-
Sets DLL path for service in the registry
-
Sets service image path in registry
-
Loads dropped DLL
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-