General
-
Target
0a68f0e9db1d21658e23195595dac0d2b3c5b5434a48d9bc9fd36fc134660211
-
Size
6.7MB
-
Sample
221123-wj4fdafb3s
-
MD5
c3c418b7342a3c95091959ff676b75ec
-
SHA1
b470140d808ed45db15038f245606db79bf8c137
-
SHA256
0a68f0e9db1d21658e23195595dac0d2b3c5b5434a48d9bc9fd36fc134660211
-
SHA512
dc825864c6e8df727c6ebe8fd38d5164368d049cdf01c4b51ae6540bbe51c7797674eb6f5ee06d79077ae347b1d258c7bedb8911bffbe76d14c089410385ea51
-
SSDEEP
98304:iXCbohcBBUVl3YWbj3unY62eGHWdSfKPtoBWZfyjJy58BmH9XbpMDCE3EHotwMJC:iwBWn7und2eOFat2Ipo0ItwMJQTzT
Static task
static1
Behavioral task
behavioral1
Sample
0a68f0e9db1d21658e23195595dac0d2b3c5b5434a48d9bc9fd36fc134660211.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
0a68f0e9db1d21658e23195595dac0d2b3c5b5434a48d9bc9fd36fc134660211.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
0a68f0e9db1d21658e23195595dac0d2b3c5b5434a48d9bc9fd36fc134660211
-
Size
6.7MB
-
MD5
c3c418b7342a3c95091959ff676b75ec
-
SHA1
b470140d808ed45db15038f245606db79bf8c137
-
SHA256
0a68f0e9db1d21658e23195595dac0d2b3c5b5434a48d9bc9fd36fc134660211
-
SHA512
dc825864c6e8df727c6ebe8fd38d5164368d049cdf01c4b51ae6540bbe51c7797674eb6f5ee06d79077ae347b1d258c7bedb8911bffbe76d14c089410385ea51
-
SSDEEP
98304:iXCbohcBBUVl3YWbj3unY62eGHWdSfKPtoBWZfyjJy58BmH9XbpMDCE3EHotwMJC:iwBWn7und2eOFat2Ipo0ItwMJQTzT
Score8/10-
Drops file in Drivers directory
-
Executes dropped EXE
-
Possible privilege escalation attempt
-
Sets service image path in registry
-
Deletes itself
-
Loads dropped DLL
-
Modifies file permissions
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Drops file in System32 directory
-