General
-
Target
6a3542c26946baa66058b7d65dfe1712
-
Size
1.9MB
-
Sample
220603-cslr5sfah9
-
MD5
6a3542c26946baa66058b7d65dfe1712
-
SHA1
975b229b48a3405706d894781f01c5c818f12cae
-
SHA256
89c0205613a95fe8d158fc5736248fc15b0e221a8bd5247c727f96863ad0276c
-
SHA512
81a10f665996316b687f608bd0a25904597a8c6fa09c1ed7610f7e5d3922c2273a8fed75e23c0af524815dfc110f633926220123b265e99cd90a0b540ace0026
Behavioral task
behavioral1
Sample
6a3542c26946baa66058b7d65dfe1712.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
6a3542c26946baa66058b7d65dfe1712.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
Target
6a3542c26946baa66058b7d65dfe1712
Score
8/10
-
Modifies Windows Firewall
-
Stops running service(s)
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-