General
Target: c51c27c86facb3ce46801e6a9f900292b5ba336760708438483e5246b7440029
Size: 1.1MB
Sample: 221219-ns6cbseh54
MD5: 8a4cb873c04ffe6859dd5bb381fed9b2
SHA1: c71cb06097a8172057c7dd0ca61c27e164c1939a
SHA256: c51c27c86facb3ce46801e6a9f900292b5ba336760708438483e5246b7440029
SHA512: 352510a901636c9880afea8bdb1b9a8da63bed989b959ef1a560ec6baf59ea09ada9b04f853a838938510507b0d4d3aab484b46876a9801d7f9b138af7bd0fbd
SSDEEP: 24576:cV/Gyl0a5nGoVsJIsk/DVdmsbzK8+2HDE0j1D3W9:u1F5nnsJvk/Tmsb2sHB7W9

Static task: static1

Behavioral task: behavioral1
Sample: c51c27c86facb3ce46801e6a9f900292b5ba336760708438483e5246b7440029.exe
Resource: win10v2004-20221111-en
Malware Config
Targets
- Blocklisted process makes network request
- Sets DLL path for service in the registry
- Sets service image path in registry
- Loads dropped DLL
- Accesses Microsoft Outlook accounts
- Accesses Microsoft Outlook profiles
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext