General
Target: 5dd0d509a4f5216e1c8c8a9701f545930ded885a32b20751fc3b9ca2699d7d58
Size: 3.7MB
Sample: 230206-tsmswaeg86
MD5: 9f416b6172c39eeb1447081f48bcb1b7
SHA1: e9659f79ebc158eadcaedf159d95d68e86e7e13f
SHA256: 5dd0d509a4f5216e1c8c8a9701f545930ded885a32b20751fc3b9ca2699d7d58
SHA512: 770e35b3803fc0ae3522d2785fac70600e9299bc437e601c5c4e26f4bfa42639b60b9835ad22cc7e3b3775fb85b2fe9a14428c5877a9b93c6d90bd609b79bb67
SSDEEP: 98304:2ZF+UtCLWySWk2sswA2RSWwkEOuUbTsq4o+wlSJW:AF5tDtWk9sR2RSW8yT4UA
Static task: static1
Behavioral task: behavioral1
Sample: 5dd0d509a4f5216e1c8c8a9701f545930ded885a32b20751fc3b9ca2699d7d58.exe
Resource: win10v2004-20221111-en
Malware Config
Targets
Score: 8/10
- Blocklisted process makes network request
- Sets DLL path for service in the registry
- Sets service image path in registry
- Loads dropped DLL
- Accesses Microsoft Outlook accounts
- Accesses Microsoft Outlook profiles
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext