General
-
Target
a7af0b755c9a598c8e37f237dc024ca0e6879908ccf4cc7b749f78065452504e
-
Size
12.5MB
-
Sample
221124-ew441agf86
-
MD5
01069b81c9f161318890cc6471c5f03c
-
SHA1
c12e56ca5669d71d470800b2cad4fe5614c3e1e2
-
SHA256
a7af0b755c9a598c8e37f237dc024ca0e6879908ccf4cc7b749f78065452504e
-
SHA512
0cf5283db81d69ebb4e6ac57823e04351125170deaa9be9b0c45ee5e006f4f08e9a5db75e0667a7fa879d2e2c16380689d578bfd8f22239ae98be5ebdee5cb88
-
SSDEEP
393216:TfFnxnP45QFNNSHhJbqL0UZgSyFsanTSde1vrDPhr8:Ttn+5QFNN0JSKSyXnGE1nG
Static task
static1
Behavioral task
behavioral1
Sample
a7af0b755c9a598c8e37f237dc024ca0e6879908ccf4cc7b749f78065452504e.exe
Resource
win7-20221111-en
Malware Config
Targets
-
-
Target
a7af0b755c9a598c8e37f237dc024ca0e6879908ccf4cc7b749f78065452504e
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Checks for common network interception software
Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
-
Executes dropped EXE
-
Registers COM server for autorun
-
Sets file execution options in registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-