General
-
Target
46f79c451e652fc4ce7ad5a6f9eb737642077c128e514c889458220ed6985913.zip
-
Size
2.0MB
-
Sample
201104-kxg4tq1fb2
-
MD5
a80c3a2489e56fffd40b74354ce290eb
-
SHA1
ac6b10034bd9a8c22c11d54bc31855fdf7113b12
-
SHA256
b5532d414f8cd17139cc2f4eefef310c4e64bf0e86636cfc2f96b3d30f0ff674
-
SHA512
778e62903db88e406f1b6ef01b313fad129c29085526278dd17e25a0b55f039bce1c0d8d95f7b28c2c868ae31e8099507fd92a554c5f3ae3f2efb6644c5061b9
Malware Config
Targets
-
-
Target
46f79c451e652fc4ce7ad5a6f9eb737642077c128e514c889458220ed6985913
-
Size
2.1MB
-
MD5
c22908fe460312d76b50129aa3ef2cf2
-
SHA1
a8922fb5b28722c680bbe6e15749f528a27680c3
-
SHA256
46f79c451e652fc4ce7ad5a6f9eb737642077c128e514c889458220ed6985913
-
SHA512
368589ddecb6e8523e4e3d34e86fc62b45053bbeb5876485a243ba796e1bdea53df4211d7e1e738fbaadcfafe1be9799643a4b1f8d9de75009c11d86f89402a7
Score8/10-
Executes dropped EXE
-
Sets file execution options in registry
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
JavaScript code in executable
-
Drops file in System32 directory
-
Modifies service
-