General
Target
82dde4857674bb0d4473d16c9d22ba8abb26766f49442256e3d0f4e44671cbe0
Size
2.3MB
Sample
220524-a1tfvaadg2
MD5
821690d3cbd6113cffc72bb6a037e616
SHA1
d189e863f5925b62687600332335e85fdb49b4fe
SHA256
82dde4857674bb0d4473d16c9d22ba8abb26766f49442256e3d0f4e44671cbe0
SHA512
bade0089307cc9da432807f394ec644d14fd1f8b4d25ec9c2b18476b3816dd4270bf287536621908db5212821d7e3003e825447de106617fc520852b91f6b254
Static task
static1
Behavioral task
behavioral1
Sample
82dde4857674bb0d4473d16c9d22ba8abb26766f49442256e3d0f4e44671cbe0.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
82dde4857674bb0d4473d16c9d22ba8abb26766f49442256e3d0f4e44671cbe0.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
Target
82dde4857674bb0d4473d16c9d22ba8abb26766f49442256e3d0f4e44671cbe0
Score
9/10

ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.

Drops file in Drivers directory

Sets service image path in registry

Loads dropped DLL

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.

Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.

Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.