General
Target: safeconnect.exe
Size: 721KB
Sample: 211216-gmgy8abch2
MD5: 3b89d22f1d594573f2957c942f43d730
SHA1: 0c6edad332f7fdc73ba4d51a3751d8185230bb27
SHA256: 66ef5da13e960e2878af2820f76fc8b258359d1a990d9061f5cf43bf8f8329b0
SHA512: 43edbb57b298e83ac610714013e032d5b495485dc888638ee9cbf1ebc3f8a7beffd542cf7b37ecaba336363a7d7abe9cc033c4ca78d6d1ffe5fec6f8272ff0fe
Static task: static1
Behavioral task: behavioral1
  Sample: safeconnect.exe
  Resource: win7-en-20211208
Behavioral task: behavioral2
  Sample: safeconnect.exe
  Resource: win10-en-20211208
Malware Config
Targets
Target: safeconnect.exe
Score: 10/10
Registers COM server for autorun
Blocklisted process makes network request
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.