General
Target: 601467592b6be2f05a5b0b2cd957af21a51179d6aaf1970d0710c2ead7ccb980
Size: 4.8MB
Sample: 230328-h58ekabd3v
MD5: 7d3332cd419ae7efed11fd30c329a6bc
SHA1: 207233c8e98ed5b885dcebfa02e015a8ac4f5ab2
SHA256: 601467592b6be2f05a5b0b2cd957af21a51179d6aaf1970d0710c2ead7ccb980
SHA512: d4146465dd56b67a6b3fd62d0d160c3744ac5c111294663857f66414d0deb0d2860c3bba0af6b8962a3f8be7fe6255a0dac0f7971a9bcded8b64b459045ffdea
SSDEEP: 98304:SuQ9c6Aoix58kEbxq8Qt/myztbiKEMKvUs53qjnNlGDqnGW5P0Joecn5KLe8w:ZQlY5xEut/myzcKEMPsZqWDqnGWyiNnl
Static task: static1
Behavioral task: behavioral1
Sample: 601467592b6be2f05a5b0b2cd957af21a51179d6aaf1970d0710c2ead7ccb980.exe
Resource: win10v2004-20230220-en
Malware Config
Targets
Score: 8/10
Blocklisted process makes network request
Sets DLL path for service in the registry
Sets service image path in registry
Loads dropped DLL
Accesses Microsoft Outlook accounts
Accesses Microsoft Outlook profiles
Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
Suspicious use of SetThreadContext