General
-
Target
36cfa0e234d289738ca43878f695c4ed58de0e2db30edb6521d96c881ab14c7f
-
Size
1.1MB
-
Sample
221219-y4qfcsga53
-
MD5
b37a57c505e70d01d3b135a7a578652d
-
SHA1
558ff0476094928488e2104c30f7d51526842f98
-
SHA256
36cfa0e234d289738ca43878f695c4ed58de0e2db30edb6521d96c881ab14c7f
-
SHA512
62aa6d56c0dec7b43b9c44e60c68b4e56173e4910828f07e9769b2c19621eb1cc7ae6ef76509e56136622c90cd8b8510b28b4c4d5a528100691a1a279c2b1d9d
-
SSDEEP
24576:F5G1C2Ade8gBYEwNFZhyAPIRO5zruI+OUgjkL2GBWbFHQI:O1C2omSNFq2+I2ISggL2sIH
Static task
static1
Behavioral task
behavioral1
Sample
36cfa0e234d289738ca43878f695c4ed58de0e2db30edb6521d96c881ab14c7f.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
36cfa0e234d289738ca43878f695c4ed58de0e2db30edb6521d96c881ab14c7f
-
Size
1.1MB
-
MD5
b37a57c505e70d01d3b135a7a578652d
-
SHA1
558ff0476094928488e2104c30f7d51526842f98
-
SHA256
36cfa0e234d289738ca43878f695c4ed58de0e2db30edb6521d96c881ab14c7f
-
SHA512
62aa6d56c0dec7b43b9c44e60c68b4e56173e4910828f07e9769b2c19621eb1cc7ae6ef76509e56136622c90cd8b8510b28b4c4d5a528100691a1a279c2b1d9d
-
SSDEEP
24576:F5G1C2Ade8gBYEwNFZhyAPIRO5zruI+OUgjkL2GBWbFHQI:O1C2omSNFq2+I2ISggL2sIH
Score10/10-
Blocklisted process makes network request
-
Sets DLL path for service in the registry
-
Sets service image path in registry
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-