General
-
Target
4ba96ecdcdfa746de28a0ee3ef474842e829917c9486ace35ec4cc2fa1ad956f
-
Size
5.6MB
-
Sample
230102-jhsw2agg8y
-
MD5
7f10125be56d12f583d799ab88e39bf9
-
SHA1
9c4b2170f21b1752729b260a59f730ab97aa27ca
-
SHA256
4ba96ecdcdfa746de28a0ee3ef474842e829917c9486ace35ec4cc2fa1ad956f
-
SHA512
56a4fff01280f79171f3bd28e4fb40c5d09614ee67679b396bbfdec5efbb63f5e0b96105c687eb2beaa44eab0851da386ad0f7a7ab533483a2745641e15a3b4d
-
SSDEEP
98304:9YFkXiz3FcBnd1X0HHdWHp9TRRhTcRQVhLhLkSr8DKOrbkC8+1tSj0yu:uFm8GJd1X0HHdULmy9SqsBl8+1tSjt
Static task
static1
Behavioral task
behavioral1
Sample
4ba96ecdcdfa746de28a0ee3ef474842e829917c9486ace35ec4cc2fa1ad956f.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
Target
4ba96ecdcdfa746de28a0ee3ef474842e829917c9486ace35ec4cc2fa1ad956f
Score
8/10
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-