General
-
Target
7035c6d2aa4b8b7b46f9cb88c969af832e7b2334dc8dff2ff243ba1bd58f505c
-
Size
166KB
-
Sample
221125-jjhgpabf24
-
MD5
3b54de973e6bf3c96763b6c4d92774ea
-
SHA1
b9eaff31ceacdc79ceea0af2381c914c2810b430
-
SHA256
7035c6d2aa4b8b7b46f9cb88c969af832e7b2334dc8dff2ff243ba1bd58f505c
-
SHA512
600a0e62c33346a8102e4ce5dfbf1f6d7539e2bb3532bde0214eec75446987e7d475472e16dd898fa55dbaff2e8deb190b50b487a2b7e38748a5f16257096698
-
SSDEEP
3072:GgBCDs7fT+FHNyJcbaig9AnG2bQDmRI3IftLnUHcQnVPq:GgoAEPK9AfbyCW3VS
Malware Config
Targets
-
-
Target
7035c6d2aa4b8b7b46f9cb88c969af832e7b2334dc8dff2ff243ba1bd58f505c
-
Size
166KB
-
MD5
3b54de973e6bf3c96763b6c4d92774ea
-
SHA1
b9eaff31ceacdc79ceea0af2381c914c2810b430
-
SHA256
7035c6d2aa4b8b7b46f9cb88c969af832e7b2334dc8dff2ff243ba1bd58f505c
-
SHA512
600a0e62c33346a8102e4ce5dfbf1f6d7539e2bb3532bde0214eec75446987e7d475472e16dd898fa55dbaff2e8deb190b50b487a2b7e38748a5f16257096698
-
SSDEEP
3072:GgBCDs7fT+FHNyJcbaig9AnG2bQDmRI3IftLnUHcQnVPq:GgoAEPK9AfbyCW3VS
Score9/10-
CryptOne packer
Detects CryptOne packer defined in NCC blogpost.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Suspicious use of SetThreadContext
-