General
-
Target
54666e50470d3534b4aa9ed84ba713ef94e34e53b9b4f3284a360555b9885c37
-
Size
32KB
-
Sample
220427-sv57kaehhj
-
MD5
c65293b9df5f00d39b5220157bcf416b
-
SHA1
8cb97a739d4b8d5d929990b24c86c1071b608778
-
SHA256
54666e50470d3534b4aa9ed84ba713ef94e34e53b9b4f3284a360555b9885c37
-
SHA512
1267ac2bc2f5f3bd5ca3611f1f077df3e6f1bfd179ab18bfeb874e37a1ec5667d92219d250b06374fa10ef574de1b0c3a5811a2fc9cb5845ceaa0356a8552b4c
Static task
static1
Behavioral task
behavioral1
Sample
54666e50470d3534b4aa9ed84ba713ef94e34e53b9b4f3284a360555b9885c37.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
54666e50470d3534b4aa9ed84ba713ef94e34e53b9b4f3284a360555b9885c37.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
Score
9/10
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Adds policy Run key to start application
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-