General
-
Target
ca0ed04925eeeeb637c01eed367de4c6fe5860ccb06c4415c01389acf650bc60
-
Size
4.8MB
-
Sample
230328-j8pbjabe9w
-
MD5
4a56492354dc1156b0cea8846ea659b1
-
SHA1
b3a76097d520530021e8e8060fc9d90a33eacba1
-
SHA256
ca0ed04925eeeeb637c01eed367de4c6fe5860ccb06c4415c01389acf650bc60
-
SHA512
a0db1c21f53df0220c40e89a51a790cb099d4ed07174a8bdfffaa225142369ab3e668d3e88dd0ad9f9f2ddc4b53889410cf29bae541f01ee1d192750b40a3302
-
SSDEEP
98304:zuWfI1A4bY1aOcDmV7XBLu0nfDM/wcwVq3z0Szr7BPJ7gEYvqiI9e2E9Cdvz2O2:z0A4byXcqBXBLVbMI8j0Sz5PxBYvqiIU
Static task
static1
Behavioral task
behavioral1
Sample
ca0ed04925eeeeb637c01eed367de4c6fe5860ccb06c4415c01389acf650bc60.exe
Resource
win10v2004-20230221-en
Malware Config
Targets
-
-
Target
ca0ed04925eeeeb637c01eed367de4c6fe5860ccb06c4415c01389acf650bc60
-
Size
4.8MB
-
MD5
4a56492354dc1156b0cea8846ea659b1
-
SHA1
b3a76097d520530021e8e8060fc9d90a33eacba1
-
SHA256
ca0ed04925eeeeb637c01eed367de4c6fe5860ccb06c4415c01389acf650bc60
-
SHA512
a0db1c21f53df0220c40e89a51a790cb099d4ed07174a8bdfffaa225142369ab3e668d3e88dd0ad9f9f2ddc4b53889410cf29bae541f01ee1d192750b40a3302
-
SSDEEP
98304:zuWfI1A4bY1aOcDmV7XBLu0nfDM/wcwVq3z0Szr7BPJ7gEYvqiI9e2E9Cdvz2O2:z0A4byXcqBXBLVbMI8j0Sz5PxBYvqiIU
Score8/10-
Blocklisted process makes network request
-
Sets DLL path for service in the registry
-
Sets service image path in registry
-
Loads dropped DLL
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-