General
Target: 27c9af66abec4f162bc79ab37e5c913f23265b5c8af15c6670cf8ef3fdac6bb2
Size: 4.8MB
Sample: 230327-1h8e6afd54
MD5: 6d7cf4d53df7fe8d601362305e67b2a3
SHA1: 54868a950d0d9aa5ebfd615e476608b69f3562f4
SHA256: 27c9af66abec4f162bc79ab37e5c913f23265b5c8af15c6670cf8ef3fdac6bb2
SHA512: 4658a9a986f440ee64527d45c09e39509418f2243608e04135e0a7a3a5bf205017cf30fe2a28415ad46d48cffb46cee4693882aa70f41680cf2f4280dc42eb1f
SSDEEP: 98304:KDbq/2B/zpkCX8VXWFNcwZlP8YEA0h0lZCr7IcOyXw5yVnRVMNKGf8J:yNBpcVoZBDEA0hYCrUDUuKG
Static task: static1
Behavioral task: behavioral1
Sample: 27c9af66abec4f162bc79ab37e5c913f23265b5c8af15c6670cf8ef3fdac6bb2.exe
Resource: win10v2004-20230220-en
Malware Config
Targets
Target: 27c9af66abec4f162bc79ab37e5c913f23265b5c8af15c6670cf8ef3fdac6bb2
Score: 8/10
Blocklisted process makes network request
Sets DLL path for service in the registry
Sets service image path in registry
Loads dropped DLL
Accesses Microsoft Outlook accounts
Accesses Microsoft Outlook profiles
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
Suspicious use of SetThreadContext