General
-
Target
a4488311f9e9f2c59a4dc1904eb944872ff23264d63733625cca56a8ae6a1489
-
Size
213KB
-
Sample
221011-mlkavaach6
-
MD5
5b6adeb68798f0598106376cf1e35fe3
-
SHA1
59184f6163066db4af2d7b455aec6eb76d63c014
-
SHA256
a4488311f9e9f2c59a4dc1904eb944872ff23264d63733625cca56a8ae6a1489
-
SHA512
ff4f21d412bbea41be43792039edeeebeac7e58c4f8a3f5361d522a5cd0eb2744b70a355f02ad2ebecddacd534326ffa4f5e213389896504b2f2910b5ba99bff
-
SSDEEP
3072:GVLbKuZKzXw2RjwkfqrIWUEbskfsmbL9Nn0uNFi+O0xShCzukYr+chC:GhKDHpwspcb4mn9Nr5OCgCzuBKch
Static task
static1
Behavioral task
behavioral1
Sample
a4488311f9e9f2c59a4dc1904eb944872ff23264d63733625cca56a8ae6a1489.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
a4488311f9e9f2c59a4dc1904eb944872ff23264d63733625cca56a8ae6a1489.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
Score
10/10
-
Modifies firewall policy service
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-