General
-
Target
232f83fad3deda8644c603c068c057d8a163698efedc2c13651eebb46215375a.docx
-
Size
131KB
-
Sample
220803-lh2v2safhj
-
MD5
b0b0b8c1e356acced8ae97b9fd448932
-
SHA1
b6b9c6f0bb858e5899e7cea98f7f43940b0235df
-
SHA256
232f83fad3deda8644c603c068c057d8a163698efedc2c13651eebb46215375a
-
SHA512
8914e78ea7ccb0ebff3367e69345a496e14637e54c436885559d2f7cd6a26e608202161aadfb69317f764bb00a6b6f14391935e1450f818edfcd0152509d9f6b
Static task
static1
Behavioral task
behavioral1
Sample
232f83fad3deda8644c603c068c057d8a163698efedc2c13651eebb46215375a.exe
Resource
win7-20220715-en
Behavioral task
behavioral2
Sample
232f83fad3deda8644c603c068c057d8a163698efedc2c13651eebb46215375a.exe
Resource
win10-20220718-en
Behavioral task
behavioral3
Sample
232f83fad3deda8644c603c068c057d8a163698efedc2c13651eebb46215375a.exe
Resource
win10v2004-20220721-en
Behavioral task
behavioral4
Sample
232f83fad3deda8644c603c068c057d8a163698efedc2c13651eebb46215375a.exe
Resource
win11-20220223-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
Target
232f83fad3deda8644c603c068c057d8a163698efedc2c13651eebb46215375a.docx
-
Modifies firewall policy service
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-