General
Target: 57462a03024056258e2b9979d50efb16e30ecdab9e9cda9bc7e7e62fd6a694bb
Size: 1.1MB
Sample: 221220-3bj54aed6y
MD5: cefdeeedeae94644485f2f7b17479059
SHA1: 98875840acd3da6fd699b3b8b96aa3cfa1796580
SHA256: 57462a03024056258e2b9979d50efb16e30ecdab9e9cda9bc7e7e62fd6a694bb
SHA512: f52f8484a03dcf4d57e6f43ce46effa301ae5ab580000cd03a6d6587678c1c3a6b6ed9e289d915e342e506aa9ea46e66eec039a0db2f82d53d020bf33bb8f6c4
SSDEEP: 12288:PSnF2P2yBuTM2Hc0jRlXzSw29b7E3uhpmHuibF6Uado5tmA8Kr84go6Iw85UCR4B:3P1cMCJjnf2R7HpswkFr8vh6R4nepu
Static task: static1
Behavioral task: behavioral1
Sample: 57462a03024056258e2b9979d50efb16e30ecdab9e9cda9bc7e7e62fd6a694bb.exe
Resource: win10v2004-20221111-en
Malware Config
Targets
- Blocklisted process makes network request
- Sets DLL path for service in the registry
- Sets service image path in registry
- Loads dropped DLL
- Accesses Microsoft Outlook accounts
- Accesses Microsoft Outlook profiles
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext