General
-
Target
2d0e0dbec4ad714e19a95f2ba451cc917e21ed09cce923f403721d5c297d3bfb
-
Size
11.2MB
-
Sample
221124-matp5sah9z
-
MD5
47128bc7a92e1d60f30634a8454d4d5a
-
SHA1
bfebe9abf58a1d3f54b7b5ca51c356cce9c0b58c
-
SHA256
2d0e0dbec4ad714e19a95f2ba451cc917e21ed09cce923f403721d5c297d3bfb
-
SHA512
680f61cb6362af3901f7437404f7369a75161e068e92bbd308724aea930880f83c59e8e0607bc347b3e825f73868693637ffb41b8958c9e047a7233ed4a6ca78
-
SSDEEP
196608:WfHuyx7oKM0LSIPNeWGCu2THNsw6TevHd+92BIscuR1WHp9DXbWnE0F7clQMAVhY:WfHuyxZdYCuotswo2c61WHrDXV0lqQT8
Static task
static1
Behavioral task
behavioral1
Sample
2d0e0dbec4ad714e19a95f2ba451cc917e21ed09cce923f403721d5c297d3bfb.exe
Resource
win7-20221111-en
Malware Config
Targets
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Checks for common network interception software
Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
-
Executes dropped EXE
-
Sets file execution options in registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-