General
Target: ycof.exe
Size: 1.1MB
Sample: 230810-vktf5ahb8w
MD5: 54a3bcca6b1eb92adb299a46df941826
SHA1: 6988e010056d88985b8e8f8de06706327779d3ca
SHA256: c4ab81d7b7d44dd6dfc4f2b69dbe3f22fbf23c1ae49ab8edac2d26f85ae4514d
SHA512: 4e4f10abf8a97f649060cb3eaa125a487141a42b87d2dc1449d87531d927031279bd7b48a3859ffa8f5d4400deea77022ecb00c61de8511756dc9c0d27e3f150
SSDEEP: 24576:I+Z6pjqiycCc0Ic7dYnG8896mYdB3g17yp/Xx3xShc1ZcQGcoCKVXUGGotVjYmM+:fY+ICc0t7iG88Rp7AfxBShc1ZcQGZlVx

Static task: static1

Behavioral task: behavioral1
Sample: ycof.dll
Resource: win10-20230703-en

Behavioral task: behavioral2
Sample: ycof.dll
Resource: win10v2004-20230703-en
Malware Config
Targets
Target: ycof.exe
Score: 8/10
Blocklisted process makes network request
Suspicious use of SetThreadContext