General
Target: Screenshot 2024-05-29 10.09.25 AM.png
Size: 12KB
Sample: 240603-v7ypcsdg8w
MD5: 452647f957790a9dfa2e294096f55601
SHA1: 48bac8278d06d42d103b1aee42f92b7d5a51979b
SHA256: 86b5fd67ea3653c237b26feff0a8c4820eeb6a6e9f32e19bd23328edff170626
SHA512: 0a6109ac1b21742d1125f29975bcc271f1441331f79a1ef80aa53991cf4c3874c86532102d93cf6ff6bf78eb516b96dfbe5f0118861998c94c6ccfe4145c14bd
SSDEEP: 384:cdRMbtA4QL4XTLBVLQPEEE7l8yjx/UT+BnOzeMB13:kMbtjQQxlNjx/UbF
Static task: static1
Behavioral task: behavioral1
Sample: Screenshot 2024-05-29 10.09.25 AM.png
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: Screenshot 2024-05-29 10.09.25 AM.png
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: Screenshot 2024-05-29 10.09.25 AM.png
Score: 8/10
Modifies Installed Components in the registry
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
Legitimate hosting services abused for malware hosting/C2
Drops file in System32 directory