General
Target: 5deef62742a512f4b374349242938078be3f5158e37973cf731d8423c5c48f0c.exe
Size: 19.9MB
Sample: 240419-qgfnmsec51
MD5: 3f3772337a3b73822f085dbb0cd01900
SHA1: 7f1bfc5f2d474c4156311d1ba45b2e210af9379b
SHA256: 5deef62742a512f4b374349242938078be3f5158e37973cf731d8423c5c48f0c
SHA512: d3d90adbbaae1e259fb994caeb73e61918473587bb25e0b2710293fa84c30127ae07a391337fea11e3e1443724598460abc263b6cfa6c7b844a9ad8e2dda5aec
SSDEEP: 393216:cFU/V+K4eN01QnnYBeFsfgTDfDg5yc6me2DW8Y3+d9E4176:cmVaeC1QtsfgTb05NLW8YOd9EA+
Behavioral task: behavioral1
Sample: 5deef62742a512f4b374349242938078be3f5158e37973cf731d8423c5c48f0c.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 5deef62742a512f4b374349242938078be3f5158e37973cf731d8423c5c48f0c.exe
Resource: win10v2004-20240412-en
Malware Config
Targets
Target: 5deef62742a512f4b374349242938078be3f5158e37973cf731d8423c5c48f0c.exe
Score: 7/10
Loads dropped DLL
Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.
Sets desktop wallpaper using registry
Suspicious use of NtSetInformationThreadHideFromDebugger