General
-
Target
c8aeaadf9052b9a10a5e46ab181002e693942ccaeaea07c6fb9151506a4b1b5d
-
Size
4.8MB
-
Sample
230327-y4nxjahb4w
-
MD5
1f52b638a5b0a3d7b87eac385fbbb835
-
SHA1
c7ceef0f5a541d8edcf20e1b7689d720bb82e7ca
-
SHA256
c8aeaadf9052b9a10a5e46ab181002e693942ccaeaea07c6fb9151506a4b1b5d
-
SHA512
610eec49245363fc2e949135b1b9aa575ff57f8621355b6a5053c79f9c11e4ff3097514a561b1022e7a576cc54d08a6eda7db18676fb19125597e21d53bfee83
-
SSDEEP
98304:gUXOVPohzS21WsuG3JHGQyL6xQUgxA96L2lA3VD5CNBiNk5ajLfNO:gUXXzBjJxQDq9Y2lyVDANux
Static task
static1
Behavioral task
behavioral1
Sample
c8aeaadf9052b9a10a5e46ab181002e693942ccaeaea07c6fb9151506a4b1b5d.exe
Resource
win10v2004-20230221-en
Malware Config
Targets
-
-
Target
c8aeaadf9052b9a10a5e46ab181002e693942ccaeaea07c6fb9151506a4b1b5d
-
Score
8/10
-
Blocklisted process makes network request
-
Sets DLL path for service in the registry
-
Sets service image path in registry
-
Loads dropped DLL
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-