General
-
Target
fb7756ccf5af47fbc4d06c1b6252822d22d88bf6bc3627b65edae923f859f919
-
Size
251KB
-
Sample
221001-1v3enshbf2
-
MD5
026b22124c55846355333fae9b37e7c0
-
SHA1
cba0f5c9cb141e9426f8a1adcd25798a06ce00af
-
SHA256
fb7756ccf5af47fbc4d06c1b6252822d22d88bf6bc3627b65edae923f859f919
-
SHA512
2d14376a28d4e6fb7d91cb8608c269a97684daae4b2ccb179bc7d889b53a7cec6bf32982595f5aa9c923b529797a3adbb7ed0e2e8ed919d4e564594d3135ac8b
-
SSDEEP
3072:Udv30e0Ld3boyhCZtb3GzxFjT40CDBbtYQ+x3yFS/t0Sn2GuroQfBRbD:UOLd3Pzrj8VDBbGQgImlNeoa
Malware Config
Targets
-
-
Target
fb7756ccf5af47fbc4d06c1b6252822d22d88bf6bc3627b65edae923f859f919
-
Size
251KB
-
MD5
026b22124c55846355333fae9b37e7c0
-
SHA1
cba0f5c9cb141e9426f8a1adcd25798a06ce00af
-
SHA256
fb7756ccf5af47fbc4d06c1b6252822d22d88bf6bc3627b65edae923f859f919
-
SHA512
2d14376a28d4e6fb7d91cb8608c269a97684daae4b2ccb179bc7d889b53a7cec6bf32982595f5aa9c923b529797a3adbb7ed0e2e8ed919d4e564594d3135ac8b
-
SSDEEP
3072:Udv30e0Ld3boyhCZtb3GzxFjT40CDBbtYQ+x3yFS/t0Sn2GuroQfBRbD:UOLd3Pzrj8VDBbGQgImlNeoa
Score9/10-
CryptOne packer
Detects CryptOne packer defined in NCC blogpost.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Suspicious use of SetThreadContext
-