General
-
Target
52939ddac663150e902b58fdbb2d7b75.exe
-
Size
1.1MB
-
Sample
221219-k6q8saef64
-
MD5
52939ddac663150e902b58fdbb2d7b75
-
SHA1
a311ef6a1728ec247963a8b276da6f94d0d0a50c
-
SHA256
73c4486426a8ae3962e83259140d771c80532da079c3da94965039f9d9b8b11a
-
SHA512
6f6ee5ef9700fa2fbd332ad5b8a749614a465feb9c0c8d0eb7115296c414694f4401535da73d6a413eb62c7c8e9be7bf412b9ecf27c892f5dbc0b1fd62264789
-
SSDEEP
24576:RnpfiR2so90SCTanbH9v6ffSfkN9fs/FZyZrqkd5VzK6r:DiR2so06Riz3fs4td5VzKM
Static task
static1
Behavioral task
behavioral1
Sample
52939ddac663150e902b58fdbb2d7b75.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
52939ddac663150e902b58fdbb2d7b75.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
Target
52939ddac663150e902b58fdbb2d7b75.exe
-
Blocklisted process makes network request
-
Sets DLL path for service in the registry
-
Sets service image path in registry
-
Loads dropped DLL
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-