General
-
Target
2c7500ac5ebb0116e640747b8a5f0a2648f7d2f5f516ebb398b864cccc626fbe
-
Size
726KB
-
Sample
221220-rww5lsdb31
-
MD5
6ea8a6cc5fed6c664df1b3ef7c56b55d
-
SHA1
6b244d708706441095ae97294928967ddf28432b
-
SHA256
2c7500ac5ebb0116e640747b8a5f0a2648f7d2f5f516ebb398b864cccc626fbe
-
SHA512
4a328a66df407e4c9fa230287104771ea3b5dd8265d60314797426101a8be19d13bc57de2388f0f90b20ada82d950e156ef4267c029080a6254b80eefd8b8741
-
SSDEEP
12288:UYc6zyKflM0Xtlu1C4M8Vwd5rt/m3LIaJU+SUCxDot:LcFQlM0X3ugaOrw3LLJjXCxst
Static task
static1
Behavioral task
behavioral1
Sample
2c7500ac5ebb0116e640747b8a5f0a2648f7d2f5f516ebb398b864cccc626fbe.dll
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
2c7500ac5ebb0116e640747b8a5f0a2648f7d2f5f516ebb398b864cccc626fbe.dll
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
2c7500ac5ebb0116e640747b8a5f0a2648f7d2f5f516ebb398b864cccc626fbe
-
Blocklisted process makes network request
-
Sets DLL path for service in the registry
-
Sets service image path in registry
-
Loads dropped DLL
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-