General
Target: fish.png
Size: 230KB
Sample: 250515-nq735sfm4v
MD5: ac0e4629aae9a22f1d9afc2103b62d03
SHA1: 02ea4886e9ae6022f844822d428564a630f0ff03
SHA256: c8036ad2e998627d2ac3bd47464ec41a9c388e60a3836f0cdbefb20e24bb7060
SHA512: d6b64e2191e18a10dfbf05dcd725ea8ede791adb266ab68ebb3dc2435235cfc29478dd936a421696eb74b326a2094cfa2d6eaa6afba7baf60bb86333d1961950
SSDEEP: 6144:CO5ubT4PxOl5bQaRfIOiHzSgzbU2bIwUH6:P5ubT45CfIVHzSLRwI6
Static task: static1
Behavioral task: behavioral1
Sample: fish.png
Resource: win10v2004-20250502-en
Malware Config
Targets
Score: 10/10
Suspicious use of NtCreateProcessExOtherParentProcess
Disables Task Manager via registry modification
Drops file in Drivers directory
Executes dropped EXE
Loads dropped DLL
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
Sets desktop wallpaper using registry