General
-
Target
730b14f0cd762e802dc62748965715c79094ba8c6a417adedb901dec47f0f0ef
-
Size
1.1MB
-
Sample
221220-wytvgsdf7t
-
MD5
12c551d95262d265f771692612607054
-
SHA1
0b78e8322b95d989ba8e8a8c1e62da7e482c5284
-
SHA256
730b14f0cd762e802dc62748965715c79094ba8c6a417adedb901dec47f0f0ef
-
SHA512
45a0a37358909e3bac7f4afac1ae4f24573e0158350cfcbc6902385ed19560014c98978b633cf0f3a6cfacfd1f2214de67db1e7fed9b5009d92a9f105552732e
-
SSDEEP
24576:zawiDKAi6DmnL6nCFgTqKdjh0a8+brTc3DS9Vfo20+:efKf6KL6vTqo8sIDE4+
Static task
static1
Behavioral task
behavioral1
Sample
730b14f0cd762e802dc62748965715c79094ba8c6a417adedb901dec47f0f0ef.exe
Resource
win10-20220812-en
Malware Config
Targets
Target
730b14f0cd762e802dc62748965715c79094ba8c6a417adedb901dec47f0f0ef
-
Score
10/10
-
Blocklisted process makes network request
-
Sets DLL path for service in the registry
-
Sets service image path in registry
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-