General
-
Target
b2cc4454c0a4fc80b1fc782c45ac7f76b1d95913d259090a2523819aeec88eb5.exe
-
Size
163KB
-
Sample
240822-mrl2masdkh
-
MD5
1a7d1b5d24ba30c4d3d5502295ab5e89
-
SHA1
2d5e69cf335605ba0a61f0bbecbea6fc06a42563
-
SHA256
b2cc4454c0a4fc80b1fc782c45ac7f76b1d95913d259090a2523819aeec88eb5
-
SHA512
859180338958509934d22dbc9be9da896118739d87727eb68744713259e819551f7534440c545185f469da03c86d96e425cdf5aae3fb027bb8b7f51044e08eaa
-
SSDEEP
3072:TQpsSyjlzA664oL8tIoDJxGtIVORPrdAHjl3+uwF+iBDZ/wXxnTFKe8kaz:TQpsSyjlzfnoNGxGo6PrdAHwtMxn4e8N
Static task
static1
Behavioral task
behavioral1
Sample
b2cc4454c0a4fc80b1fc782c45ac7f76b1d95913d259090a2523819aeec88eb5.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
b2cc4454c0a4fc80b1fc782c45ac7f76b1d95913d259090a2523819aeec88eb5.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
b2cc4454c0a4fc80b1fc782c45ac7f76b1d95913d259090a2523819aeec88eb5.exe
-
Size
163KB
-
MD5
1a7d1b5d24ba30c4d3d5502295ab5e89
-
SHA1
2d5e69cf335605ba0a61f0bbecbea6fc06a42563
-
SHA256
b2cc4454c0a4fc80b1fc782c45ac7f76b1d95913d259090a2523819aeec88eb5
-
SHA512
859180338958509934d22dbc9be9da896118739d87727eb68744713259e819551f7534440c545185f469da03c86d96e425cdf5aae3fb027bb8b7f51044e08eaa
-
SSDEEP
3072:TQpsSyjlzA664oL8tIoDJxGtIVORPrdAHjl3+uwF+iBDZ/wXxnTFKe8kaz:TQpsSyjlzfnoNGxGo6PrdAHwtMxn4e8N
Score10/10-
Modifies security service
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Indicator Removal: Clear Windows Event Logs
Clear Windows Event Logs to hide the activity of an intrusion.
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-