General
-
Target
6828317766d1331bd782acc4cb6f00d9611763b32680a70cde5087ec1ea2ef12
-
Size
6.7MB
-
Sample
221123-vg83eaha66
-
MD5
cab48ed9de529a22ca0a1c2d79de3e63
-
SHA1
ffd86c5b07573c79b8975aac35c40b4c27c7292c
-
SHA256
6828317766d1331bd782acc4cb6f00d9611763b32680a70cde5087ec1ea2ef12
-
SHA512
c42889b98affa8e6a18457177fd65f70beff3d796c6ea403607d19125bb2b0af7d8fbbad9353dddb03316b8c1651337d3ae4ec7120f7a051daa9269cc63b997b
-
SSDEEP
196608:i7BWIdKv52/Tg289Pzeh0M+9IUrMSY0TOPrBMJQTzT:S/s2wPzemMF0TUrBLTH
Malware Config
Targets
-
-
Target
6828317766d1331bd782acc4cb6f00d9611763b32680a70cde5087ec1ea2ef12
-
Size
6.7MB
-
MD5
cab48ed9de529a22ca0a1c2d79de3e63
-
SHA1
ffd86c5b07573c79b8975aac35c40b4c27c7292c
-
SHA256
6828317766d1331bd782acc4cb6f00d9611763b32680a70cde5087ec1ea2ef12
-
SHA512
c42889b98affa8e6a18457177fd65f70beff3d796c6ea403607d19125bb2b0af7d8fbbad9353dddb03316b8c1651337d3ae4ec7120f7a051daa9269cc63b997b
-
SSDEEP
196608:i7BWIdKv52/Tg289Pzeh0M+9IUrMSY0TOPrBMJQTzT:S/s2wPzemMF0TUrBLTH
Score8/10-
Drops file in Drivers directory
-
Executes dropped EXE
-
Possible privilege escalation attempt
-
Sets service image path in registry
-
Deletes itself
-
Loads dropped DLL
-
Modifies file permissions
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Drops file in System32 directory
-