General
-
Target
211be6f6699092fb1e0de9ccc77a9d9f4e057be15906ff360fa479dec0ec4e33
-
Size
6.0MB
-
Sample
211015-q7da7sbac9
-
MD5
5a41f52a595d7b83c3576f09fb7736fa
-
SHA1
7c3420961acf1fc77533aec0d9e006316c69938f
-
SHA256
211be6f6699092fb1e0de9ccc77a9d9f4e057be15906ff360fa479dec0ec4e33
-
SHA512
890916f451bfbeb3d81be521da5184c5f3f912f13663d4e32fb06b56b015c7fd052d3d981f0d035a1f3b416d767bef647d641551f8b5c14ec5c5aed6dbeff548
Static task
static1
Behavioral task
behavioral1
Sample
211be6f6699092fb1e0de9ccc77a9d9f4e057be15906ff360fa479dec0ec4e33.exe
Resource
win10-en-20211014
Malware Config
Targets
-
-
Target
211be6f6699092fb1e0de9ccc77a9d9f4e057be15906ff360fa479dec0ec4e33
Score
10/10
-
Modifies security service
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Legitimate hosting services abused for malware hosting/C2
-
Drops file in System32 directory
-