General
Target: 705d13694a98f8bbe7624d27646e60af6586e1598fcca6464414ded3ae43d1f5.exe
Size: 892KB
Sample: 240703-bthw7szfmg
MD5: 3fb7cb8d7fd9efd2bc0cae35eb42c4fe
SHA1: ce06ab538757edb9b1d4cce656006da0d3795bb1
SHA256: 705d13694a98f8bbe7624d27646e60af6586e1598fcca6464414ded3ae43d1f5
SHA512: 97bbe6ba4c9cd15466cce57a762b537df55224329a354f119c7ea1af9f554888ba7c477027c83dc62b39b9d74d4ac11fb97fa206eea86c24a515a2f7a399a694
SSDEEP: 24576:JOreqxsYYU8rG98siSVrcQ8EO0fG5vq7He:JOCgLY69PRxfyq7+
Static task: static1
Behavioral task: behavioral1
Sample: 705d13694a98f8bbe7624d27646e60af6586e1598fcca6464414ded3ae43d1f5.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 705d13694a98f8bbe7624d27646e60af6586e1598fcca6464414ded3ae43d1f5.exe
Resource: win10v2004-20240611-en
Malware Config
Targets
Target
705d13694a98f8bbe7624d27646e60af6586e1598fcca6464414ded3ae43d1f5.exe
Score: 10/10
Loads dropped DLL
Adds Run key to start application
Legitimate hosting services abused for malware hosting/C2
Suspicious use of NtCreateThreadExHideFromDebugger
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext