General
-
Target
504e6741172bd74e525a5a5fb601be8ed7df12c75b80d34dce7ed3f279ade2f1
-
Size
1.1MB
-
Sample
221220-yxpv9aeb2x
-
MD5
699b75e4a4d34afc5b27d1cb4d3ed559
-
SHA1
159e32c21d11db1900fcd26ce60ff129f6fcdebc
-
SHA256
504e6741172bd74e525a5a5fb601be8ed7df12c75b80d34dce7ed3f279ade2f1
-
SHA512
522ba8be9494ad696f0f5d1820759a3d4d5ddc66dda70d6d91267bc03b0b6a7b850031fcdffce78909c14ec6e827edbce40c8af816cdfd8d5a7a5c89d8b0f81d
-
SSDEEP
24576:nU/SeIjfpuFzqarM3WdElkP3cOEQU+BVXr/PTeX:brLczGWdEWPMOzb7/I
Static task
static1
Behavioral task
behavioral1
Sample
504e6741172bd74e525a5a5fb601be8ed7df12c75b80d34dce7ed3f279ade2f1.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
Target
504e6741172bd74e525a5a5fb601be8ed7df12c75b80d34dce7ed3f279ade2f1
-
Blocklisted process makes network request
-
Sets DLL path for service in the registry
-
Sets service image path in registry
-
Loads dropped DLL
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-