General
-
Target
9be621f45ee271cab8120c6ef9b564cb040e9d6993b8c661be60a93727d167e2
-
Size
328KB
-
Sample
221107-nlvl9agaal
-
MD5
090f05cef404d8605771edb0a4f4c800
-
SHA1
aad8c536a54563f085aa277322a97ffdb154821f
-
SHA256
9be621f45ee271cab8120c6ef9b564cb040e9d6993b8c661be60a93727d167e2
-
SHA512
7cc01f815c33bd835c7b33e783d1ad74947c45d8e98e7460ecd1c3dbf06cf448440b4033f22bab5832434b44459687b6a1943dc24f14984e640292b01ac06f48
-
SSDEEP
6144:8yWOeLm+tkxoGQvT+W4+HMc+MEGRQ6saHSMf3z0AzbLUG50Tpm+MmvbWdlL0d5aU:8Cemx0vN3HKGi6sYjJLUGGtedud5tr7
Malware Config
Targets
-
-
Target
9be621f45ee271cab8120c6ef9b564cb040e9d6993b8c661be60a93727d167e2
-
Size
328KB
-
MD5
090f05cef404d8605771edb0a4f4c800
-
SHA1
aad8c536a54563f085aa277322a97ffdb154821f
-
SHA256
9be621f45ee271cab8120c6ef9b564cb040e9d6993b8c661be60a93727d167e2
-
SHA512
7cc01f815c33bd835c7b33e783d1ad74947c45d8e98e7460ecd1c3dbf06cf448440b4033f22bab5832434b44459687b6a1943dc24f14984e640292b01ac06f48
-
SSDEEP
6144:8yWOeLm+tkxoGQvT+W4+HMc+MEGRQ6saHSMf3z0AzbLUG50Tpm+MmvbWdlL0d5aU:8Cemx0vN3HKGi6sYjJLUGGtedud5tr7
Score8/10-
Drops file in Drivers directory
-
Possible privilege escalation attempt
-
Sets service image path in registry
-
Deletes itself
-
Modifies file permissions
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Drops file in System32 directory
-