General
-
Target
e0f246cf786ef0a889e5e7d4a765bbaab5b919c83247240b6a1340c4c2db4b31
-
Size
44KB
-
Sample
221123-mvbp3aac3y
-
MD5
84d97ffe72de8075aeaca6c72bef1781
-
SHA1
0b5a141fb7d5bf77b035391dc64902758362e9af
-
SHA256
e0f246cf786ef0a889e5e7d4a765bbaab5b919c83247240b6a1340c4c2db4b31
-
SHA512
106a5f308a20814a35dbf7f507cc8193ceb84a947c44f252a4d67a74ba2d4cbb2107cd0ab81ed7eeffcd6662250b71a8e487f3100913275191ce155a62d328ce
-
SSDEEP
768:K53MrPrxual/+ct0D6nc7+HLes6Gm2iY2ez4+D9e3rJXorw50dUCQ:Q4PrxuWtt0D6neMLHdDz4KE7JWw50c
Malware Config
Targets
-
-
Target
e0f246cf786ef0a889e5e7d4a765bbaab5b919c83247240b6a1340c4c2db4b31
-
Size
44KB
-
MD5
84d97ffe72de8075aeaca6c72bef1781
-
SHA1
0b5a141fb7d5bf77b035391dc64902758362e9af
-
SHA256
e0f246cf786ef0a889e5e7d4a765bbaab5b919c83247240b6a1340c4c2db4b31
-
SHA512
106a5f308a20814a35dbf7f507cc8193ceb84a947c44f252a4d67a74ba2d4cbb2107cd0ab81ed7eeffcd6662250b71a8e487f3100913275191ce155a62d328ce
-
SSDEEP
768:K53MrPrxual/+ct0D6nc7+HLes6Gm2iY2ez4+D9e3rJXorw50dUCQ:Q4PrxuWtt0D6neMLHdDz4KE7JWw50c
Score8/10-
Adds policy Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Suspicious use of SetThreadContext
-