General
-
Target
e7f0a3a3553dc4eb25e9337f664d93c8fd951a328952883f10f09621a2255968
-
Size
1.3MB
-
Sample
221029-py23jaggck
-
MD5
ef47687cddafd1fb06d3705b3409a52e
-
SHA1
5c3c7ed3705205c38cf2a12a1ccc9a4e394da1ee
-
SHA256
e7f0a3a3553dc4eb25e9337f664d93c8fd951a328952883f10f09621a2255968
-
SHA512
b178465e17738f9489fc75bd5d5866de361bd88182bf214066884fa3e9d7a83ec40b7d4b9ba063d6668c0ae86e22d4385ad51994116c414651434a4225eb5100
-
SSDEEP
24576:u7Djpcup0fXIXSxJxqW6ZvNrryeq7Xr8N9bb3DFsH:uzmupI9xJEWstyewkb7ZsH
Malware Config
Targets
-
-
Target
e7f0a3a3553dc4eb25e9337f664d93c8fd951a328952883f10f09621a2255968
-
Size
1.3MB
-
MD5
ef47687cddafd1fb06d3705b3409a52e
-
SHA1
5c3c7ed3705205c38cf2a12a1ccc9a4e394da1ee
-
SHA256
e7f0a3a3553dc4eb25e9337f664d93c8fd951a328952883f10f09621a2255968
-
SHA512
b178465e17738f9489fc75bd5d5866de361bd88182bf214066884fa3e9d7a83ec40b7d4b9ba063d6668c0ae86e22d4385ad51994116c414651434a4225eb5100
-
SSDEEP
24576:u7Djpcup0fXIXSxJxqW6ZvNrryeq7Xr8N9bb3DFsH:uzmupI9xJEWstyewkb7ZsH
Score8/10-
Drops file in Drivers directory
-
Executes dropped EXE
-
Possible privilege escalation attempt
-
Sets service image path in registry
-
Deletes itself
-
Loads dropped DLL
-
Modifies file permissions
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Drops file in System32 directory
-