General
-
Target
AAM UpdatesHtA.bin.zip
-
Size
360KB
-
Sample
210304-gnzekqkcxe
-
MD5
a59f98855dc9f8479d310b1b883301ee
-
SHA1
28be9423af865ed73ef8aac887f4bdbe0db9c81a
-
SHA256
d531c8a488aea1f8bb428526fc913801441b01c0742213e7d7fbed3b9163d354
-
SHA512
37614ccfb1fda2ac22b7a6acb5cd944ced71e003608842ffc50f9fbd376d12599dd9083d45829eba4cf01d4ff25b2d968567743cf29c2f130e5de523ddee90e9
Static task
static1
Behavioral task
behavioral1
Sample
AAM UpdatesHtA.bin.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
AAM UpdatesHtA.bin.exe
Resource
win10v20201028
Malware Config
Extracted
plugx
45.251.240.55:443
45.251.240.55:8080
45.251.240.55:8000
EDysZYTmoiuUydWatmWb
-
folder
AAM UpdatesHtA
Targets
-
-
Target
AAM UpdatesHtA.bin
-
Size
485KB
-
MD5
eb941fbca579d3c0966de86b904fc298
-
SHA1
d2aa567fa30befa6e082376b11587aa0f3b0d5b7
-
SHA256
d64afd9799d8de3f39a4ce99584fa67a615a667945532cfa3f702adbe27724c4
-
SHA512
168e5fbbd86950cf409ac2f50d5b0b81c295d8c291077d974d1adad11313c3a4ccb9e5d623a5769136cce3eba33b35acb4f39f6fd1c9323ea0ceb46eb85991f5
Score
10/10
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-