Resubmissions
07-08-2024 08:32
240807-kffz5ayepf 7 General
-
Target
18404625444.zip
-
Size
1.5MB
-
Sample
240807-kffz5ayepf
-
MD5
bacae7e50c2f028a0b054b02a8910dd4
-
SHA1
970d6f61d91535a5d3dc8bd89d27e4cc951f17dd
-
SHA256
0cf4be67281982334e2dd4499c2d083dee426f2deee2b722a1a8258bafab8e95
-
SHA512
1cd2f6695ad6caa44e70e41c8b689b76549a54b287a32ea87730b5e76caafee81aad4498bceeffd4b6dc607040781b9dfd130d50d1717c65f2823e7150b736d4
-
SSDEEP
24576:CYNqlI9KjPXvQaudP6N16pgN2Mx/GHJuM+SKSofZDm9toFhKjOPY40gUVqR4:nKTvQ/6nJNjxsJt+S+Bl2O50gfa
Static task
static1
Behavioral task
behavioral1
Sample
12ef1c8127ec3465520e4cfd23605b708d81a5a2cf37ba124f018e5c094de0d9.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
Target
12ef1c8127ec3465520e4cfd23605b708d81a5a2cf37ba124f018e5c094de0d9
-
Size
1.5MB
-
MD5
c73433dd532d445d099385865f62148b
-
SHA1
4723c45f297cc8075eac69d2ef94e7e131d3a734
-
SHA256
12ef1c8127ec3465520e4cfd23605b708d81a5a2cf37ba124f018e5c094de0d9
-
SHA512
1211c8b67652664d6f66e248856b95ca557d4fdb4ea90d30df68208055d4c94fea0d158e7e6a965eae5915312dee33f62db882bb173faec5332a17bd2fb59447
-
SSDEEP
49152:ZEVAbJqaITViU3qLkr7toP9KT+uv6WC+5uxe1o58:ZEVcqeUaki9oBqt+
Score
7/10
-
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-