General
-
Target
kxdrv3552-pro.exe
-
Size
14.0MB
-
Sample
210709-emdd4ep1a2
-
MD5
927d0d390ef6ed41c08422710c7946c6
-
SHA1
bd5670bd15f4e2e673c72dc35e056eb4376f0fff
-
SHA256
abe8b02ad1fcbdc2250bab01e0c60636b5afb1748cee29c7919609919cc508fd
-
SHA512
2f26938e7ff5a025682da1da1cf19c0cbb5136f95d078a0eb6168e6d359d41437e89db878e85650cc21291a2ba94637c8b17bbc0f356f67a65134d65934bcd9e
Malware Config
Targets
-
-
Target
kxdrv3552-pro.exe
-
Size
14.0MB
-
MD5
927d0d390ef6ed41c08422710c7946c6
-
SHA1
bd5670bd15f4e2e673c72dc35e056eb4376f0fff
-
SHA256
abe8b02ad1fcbdc2250bab01e0c60636b5afb1748cee29c7919609919cc508fd
-
SHA512
2f26938e7ff5a025682da1da1cf19c0cbb5136f95d078a0eb6168e6d359d41437e89db878e85650cc21291a2ba94637c8b17bbc0f356f67a65134d65934bcd9e
Score8/10-
Blocklisted process makes network request
-
Executes dropped EXE
-
Suspicious Office macro
Office document equipped with 4.0 macros.
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-