General
-
Target
DriverUpdate-setup-787b5068-7237-4eb5-af86-4038ded17345.exe
-
Size
690KB
-
Sample
210119-ykmrlnb7px
-
MD5
9b57d8f7ebf2e307a02430be0a1cdab1
-
SHA1
15aa078a2e52d95702a35a9d7cff2ec352c73913
-
SHA256
92dd3781f16d24879509cc96d5a8d3a648ba0249e7da7b1f829e0d4bc455528a
-
SHA512
387f35d43d2c8e6c1de420e6e3a4b73dc5822901761a2ca4d6e58a0579545ef441dfe3d86dbd1bc0b088f3fa302d13d98c544d6e4491fee9e88c8c0609cecb42
Malware Config
Targets
-
-
Target
DriverUpdate-setup-787b5068-7237-4eb5-af86-4038ded17345.exe
-
Size
690KB
-
MD5
9b57d8f7ebf2e307a02430be0a1cdab1
-
SHA1
15aa078a2e52d95702a35a9d7cff2ec352c73913
-
SHA256
92dd3781f16d24879509cc96d5a8d3a648ba0249e7da7b1f829e0d4bc455528a
-
SHA512
387f35d43d2c8e6c1de420e6e3a4b73dc5822901761a2ca4d6e58a0579545ef441dfe3d86dbd1bc0b088f3fa302d13d98c544d6e4491fee9e88c8c0609cecb42
Score10/10-
Registers COM server for autorun
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
JavaScript code in executable
-