General
Target: MEGAsyncSetup64.exe
Size: 49.1MB
Sample: 211208-wsczsaaadp
MD5: 55b0426aa5ed74adbbe61fec2343b9c8
SHA1: ba5766eabc434ed78f0467f8f1315a30397af455
SHA256: 3db697da54f91940563f1f633f2d45cc27907fe6e67ebb34eb7e1910d60b1bac
SHA512: abba19dfec8ab103a8f8a799b9993a75918052fd8b1a1de6527897be15f3402d4a709a7b59da4ad632674a5990c7e44b5461e1c790e43243fb2d2ad2f7ee6108
Static task: static1
Behavioral task: behavioral1
Sample: MEGAsyncSetup64.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: MEGAsyncSetup64.exe
Resource: win10-en-20211208
Malware Config
Targets
Score: 10/10

Registers COM server for autorun

ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.

Executes dropped EXE

Modifies Installed Components in the registry

Loads dropped DLL

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.

Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.