General
-
Target
lapov.exe
-
Size
1.1MB
-
Sample
221219-t25eaaae7t
-
MD5
8f4070594e2008388c46be164a59d9ae
-
SHA1
bbbfde91f46f1bbfc8139bdd1d44e7a22e185b69
-
SHA256
37b5287743c5de46c17952589bdc3632a5083450f799f6c8f314afa613f4ae34
-
SHA512
2897cdbe665f83cebe00fbffa91a0674c756a12fa8ff2da0dba32fb7076bf286cc0d1e17f8ab50dcbc456365ef85caca56b318d9bf50e32b0ee1e1cb3b7ebfb8
-
SSDEEP
24576:D4MwERrcsuCg2luv/4QwWU7kTV4t83ZUcwFP:MhMcsBl2whOHUDFP
Static task
static1
Behavioral task
behavioral1
Sample
lapov.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
lapov.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
lapov.exe
-
Size
1.1MB
-
MD5
8f4070594e2008388c46be164a59d9ae
-
SHA1
bbbfde91f46f1bbfc8139bdd1d44e7a22e185b69
-
SHA256
37b5287743c5de46c17952589bdc3632a5083450f799f6c8f314afa613f4ae34
-
SHA512
2897cdbe665f83cebe00fbffa91a0674c756a12fa8ff2da0dba32fb7076bf286cc0d1e17f8ab50dcbc456365ef85caca56b318d9bf50e32b0ee1e1cb3b7ebfb8
-
SSDEEP
24576:D4MwERrcsuCg2luv/4QwWU7kTV4t83ZUcwFP:MhMcsBl2whOHUDFP
-
Blocklisted process makes network request
-
Sets DLL path for service in the registry
-
Sets service image path in registry
-
Loads dropped DLL
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-