General
Target: 6672c4dd15ff126d4b6fe7efb05fde64485256dd3ce739e0df983cf26c7d553c.exe
Size: 963KB
Sample: 240322-c817rsfe35
MD5: 67427fb1fb379997467716984fe0a9ab
SHA1: 091aef3b23437ea50aa98200559b988d00802f47
SHA256: 6672c4dd15ff126d4b6fe7efb05fde64485256dd3ce739e0df983cf26c7d553c
SHA512: eab16dc2f49784cf5f91b4886d4323dc162b9ab290a607cbf101b762a4a455357973d432fa898b5a5ce26e2c27e0ee0718ec28d43bb145733f45ae2c944672dc
SSDEEP: 24576:3bZCmf67FtuZFX3KJQgSAA530CswlA+6dqdvpoUF3r:r3f67FtuZB3oQFms1F3r
Static task: static1
Behavioral task: behavioral1
Sample: 6672c4dd15ff126d4b6fe7efb05fde64485256dd3ce739e0df983cf26c7d553c.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 6672c4dd15ff126d4b6fe7efb05fde64485256dd3ce739e0df983cf26c7d553c.exe
Resource: win10v2004-20231215-en
Behavioral task: behavioral3
Sample: Fangarme/Unfrocked/Beside.ps1
Resource: win7-20240215-en
Behavioral task: behavioral4
Sample: Fangarme/Unfrocked/Beside.ps1
Resource: win10v2004-20240319-en
Malware Config
Targets
Target
6672c4dd15ff126d4b6fe7efb05fde64485256dd3ce739e0df983cf26c7d553c.exe
Accesses Microsoft Outlook profiles
Legitimate hosting services abused for malware hosting/C2
Suspicious use of NtCreateThreadExHideFromDebugger
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext
Target: Fangarme/Unfrocked/Beside.Fst
Size: 57KB
MD5: 4b7717b799924b965c87395fd3525e75
SHA1: 497905fee98b47d49d2a307e63a3a150e9024da4
SHA256: 3328223bc86a8827b1790755d0c91c6b7f3cea91b18f8cfb24247ca0526ecf60
SHA512: eabcd57e04d51874ef723663443f4f61abd1a11877f9c78e9724e1af0407f8f89fe4e22df66af96f3a3654b77fb197c8d93235764d52b3a91c513fed8a66ba0e
SSDEEP: 768:W/CIxu9s4ROzL5W7brBAkk9uBsiSq2mGj2hwHjhImHYlNQmu+DVgku/thQk:UyxRO3I7tyiSq2Xj2hSQnWEmN/TQk
Score: 8/10
Modifies Installed Components in the registry
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.