Extracted

Extracted

• • Target

    167a1s0ssssd7da.exe

  • Size

    717KB

  • MD5

    1e62148d865a96d50b93185bc61ad335

  • SHA1

    e3d4d55d2d92e594cee2e1f11779935957521a53

  • SHA256

    0837d362bdddd62f2ecafa411a7b97715dda386a5cdf7723d686687b9a1c776c

  • SHA512

    931caefe454c45cd7f07ce71125b3fd101207c2034370a69ebb1d66208cdff580d49a7041eee9a91f64766003dae99cc423d1312109bdefe5de3bec85755f280

  Score

  10^/10

  ransomwarepersistencespywareevasiontrojan

  • Modifies Installed Components in the registry

    persistence

  • Drops startup file

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spyware

  • Checks whether UAC is enabled

    evasiontrojan

  • Drops desktop.ini file(s)

  • Enumerates connected drives

  • Modifies service

    persistence

  • Suspicious use of SetThreadContext

  behavioral1behavioral2