General
-
Target
614a101bdc8e6bba615a65adbbaab1ae584c1087c6cab7c6bf0d74bf21b57991
-
Size
1.0MB
-
Sample
241117-nas92ssreq
-
MD5
0c8331bea6b002a9ad465fce44ceeb1e
-
SHA1
78ac4cc95bce2e8e9de69d6faaef6758838d944d
-
SHA256
614a101bdc8e6bba615a65adbbaab1ae584c1087c6cab7c6bf0d74bf21b57991
-
SHA512
cd8aa3db2e6f38905fdd78be9554ac1cbaa25878bf8b4c7b6f9f4dbbcb768b218ca60d8f3d69df9c176932552dab5f50c63583c077501766610d4d5195593d5a
-
SSDEEP
24576:ptb20pkaCqT5TBWgNQ7ah/CROKwuw8bZJvD6A:6Vg5tQ7ah/CUVqFF5
Static task
static1
Behavioral task
behavioral1
Sample
614a101bdc8e6bba615a65adbbaab1ae584c1087c6cab7c6bf0d74bf21b57991.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
614a101bdc8e6bba615a65adbbaab1ae584c1087c6cab7c6bf0d74bf21b57991.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
614a101bdc8e6bba615a65adbbaab1ae584c1087c6cab7c6bf0d74bf21b57991
-
Score
6/10
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-