General
-
Target
ce4234cebbaf5ad991b4e09bfcafbd80d772bbe8b88d3680e839e8280b29ec13
-
Size
1.1MB
-
Sample
221221-d2mlgaef6w
-
MD5
4f8f0cab806928b5c4985da540a0040e
-
SHA1
ab7d7eef9e748e0fb0dae857dfb9e730b745fbfd
-
SHA256
ce4234cebbaf5ad991b4e09bfcafbd80d772bbe8b88d3680e839e8280b29ec13
-
SHA512
959b03e140c2af071841ba96dc9e194d78f31be019cb1f5909695bcca6fc110e0dab4047f3cc87cd17fc96834b51254e2dd9eef83e7ff696b6e3be9b60c10d7b
-
SSDEEP
24576:gaU4S7wNNaWFh8epb3pBe9F1xYbaoIIjX/TjV:gaU4aWzxbAF1waoIuXrjV
Static task
static1
Behavioral task
behavioral1
Sample
ce4234cebbaf5ad991b4e09bfcafbd80d772bbe8b88d3680e839e8280b29ec13.exe
Resource
win10-20220812-en
Malware Config
Targets
-
-
Target
ce4234cebbaf5ad991b4e09bfcafbd80d772bbe8b88d3680e839e8280b29ec13
-
Score
10/10
-
Blocklisted process makes network request
-
Sets DLL path for service in the registry
-
Sets service image path in registry
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-