General
-
Target
f626d873512895ed8be4ead8d18d4db04bdb19a74a83d44759a45257582a75cd
-
Size
400KB
-
Sample
240708-ch22daxdkp
-
MD5
9428d54a4aa6eb66abdca820a8f47d12
-
SHA1
abd2a8b44ee4d5fd4cdb947600f340864dcf254f
-
SHA256
f626d873512895ed8be4ead8d18d4db04bdb19a74a83d44759a45257582a75cd
-
SHA512
14024233434003249a918871e81f10048f13fa2079ce5c0bb78893bfef6621d8daa64031539b2a6b4627019935ea43a8f3de9e56937b5ec8a50af08258653c80
-
SSDEEP
12288:OGnKCJuXGUHTmuGwZyYMggzHm64P5WylOHVqZ:OGjutj/mFZylO1qZ
Static task
static1
Behavioral task
behavioral1
Sample
f626d873512895ed8be4ead8d18d4db04bdb19a74a83d44759a45257582a75cd.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
f626d873512895ed8be4ead8d18d4db04bdb19a74a83d44759a45257582a75cd.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
f626d873512895ed8be4ead8d18d4db04bdb19a74a83d44759a45257582a75cd
-
Size
400KB
-
MD5
9428d54a4aa6eb66abdca820a8f47d12
-
SHA1
abd2a8b44ee4d5fd4cdb947600f340864dcf254f
-
SHA256
f626d873512895ed8be4ead8d18d4db04bdb19a74a83d44759a45257582a75cd
-
SHA512
14024233434003249a918871e81f10048f13fa2079ce5c0bb78893bfef6621d8daa64031539b2a6b4627019935ea43a8f3de9e56937b5ec8a50af08258653c80
-
SSDEEP
12288:OGnKCJuXGUHTmuGwZyYMggzHm64P5WylOHVqZ:OGjutj/mFZylO1qZ
Score10/10-
Adds Run key to start application
-
Legitimate hosting services abused for malware hosting/C2
-
Suspicious use of NtCreateThreadExHideFromDebugger
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-