General
-
Target
4366d8f07ea3c75b5393911c56f9000d78ce6b35418e751d834f4c2f1625edb2
-
Size
265KB
-
Sample
221011-df17qscadq
-
MD5
45d8eacc9a50294e94bec818d180e5c0
-
SHA1
94f824af15b641f43a6296ad242874ba2bf917c0
-
SHA256
4366d8f07ea3c75b5393911c56f9000d78ce6b35418e751d834f4c2f1625edb2
-
SHA512
6ea83de07a19a20673ab63a7b08f2cfde047ec699ac2f646cfc67d1233a6c3676f5bf9d0689aaf52320192f19237773e4ff6e9d539063dcf931e1e41e521270d
-
SSDEEP
6144:zYlK7BXzHgjDRT4wVuK11sFEwBpkLSm+luSk6XqLb+KV/YF+Mx:zYUSjD/uK11g9kF/6XqLb+KdYVx
Behavioral task
behavioral1
Sample
4366d8f07ea3c75b5393911c56f9000d78ce6b35418e751d834f4c2f1625edb2.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
4366d8f07ea3c75b5393911c56f9000d78ce6b35418e751d834f4c2f1625edb2.exe
Resource
win10v2004-20220901-en
Malware Config
Targets
-
-
Target
4366d8f07ea3c75b5393911c56f9000d78ce6b35418e751d834f4c2f1625edb2
-
Score
9/10
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Drops file in Drivers directory
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Accesses Microsoft Outlook accounts
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-