General
-
Target
578fa9ea352f78b1443c817ae43ee968fb6d827b8fbb9dd30fab6e23c8c80744
-
Size
258KB
-
Sample
221125-nwskmshe8w
-
MD5
8316cf2207ab369a8b48615324f4d794
-
SHA1
e1ce12d761c055692847b5281f9c457f19847d67
-
SHA256
578fa9ea352f78b1443c817ae43ee968fb6d827b8fbb9dd30fab6e23c8c80744
-
SHA512
c0f3c27125d947469286c7df30859256054bedd02b0834e14a7dde801064235246a94dd805ca54cc538f0442c7e1b4009ee2fd12b5ad885b3f307ead9901bbfc
-
SSDEEP
6144:N2c68qqv3gyy6wP2xnK7KlEV7DVKduhqb:N6877y7P2xnIK+lpGuh+
Malware Config
Targets
-
-
Target
578fa9ea352f78b1443c817ae43ee968fb6d827b8fbb9dd30fab6e23c8c80744
-
Size
258KB
-
MD5
8316cf2207ab369a8b48615324f4d794
-
SHA1
e1ce12d761c055692847b5281f9c457f19847d67
-
SHA256
578fa9ea352f78b1443c817ae43ee968fb6d827b8fbb9dd30fab6e23c8c80744
-
SHA512
c0f3c27125d947469286c7df30859256054bedd02b0834e14a7dde801064235246a94dd805ca54cc538f0442c7e1b4009ee2fd12b5ad885b3f307ead9901bbfc
-
SSDEEP
6144:N2c68qqv3gyy6wP2xnK7KlEV7DVKduhqb:N6877y7P2xnIK+lpGuh+
Score9/10-
CryptOne packer
Detects CryptOne packer defined in NCC blogpost.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Suspicious use of SetThreadContext
-