General
-
Target
b9cf0f9c289b71b114d3255a1516fc3e640839d1e6dc8073f166cc079631e7ec
-
Size
131KB
-
Sample
221125-pykhgshb68
-
MD5
35d21db425dca7d48b4c4a5551202ae5
-
SHA1
8ace25507299a76b3cc17c7a488dce8597fd67ab
-
SHA256
b9cf0f9c289b71b114d3255a1516fc3e640839d1e6dc8073f166cc079631e7ec
-
SHA512
c33302a3dd492ca041b2823b1e2dd078a86bbad5896d255ef93bf2cc214c4b743e060deee2c4f10dc482ffe30d4b6b6277586750996dbe7a1bbd89154712c217
-
SSDEEP
3072:KlF9A931sB/vH4BhESpMGTIvY3kWFIDpWY6M:2/qESljUWGpWYD
Malware Config
Targets
-
-
Target
b9cf0f9c289b71b114d3255a1516fc3e640839d1e6dc8073f166cc079631e7ec
-
Size
131KB
-
MD5
35d21db425dca7d48b4c4a5551202ae5
-
SHA1
8ace25507299a76b3cc17c7a488dce8597fd67ab
-
SHA256
b9cf0f9c289b71b114d3255a1516fc3e640839d1e6dc8073f166cc079631e7ec
-
SHA512
c33302a3dd492ca041b2823b1e2dd078a86bbad5896d255ef93bf2cc214c4b743e060deee2c4f10dc482ffe30d4b6b6277586750996dbe7a1bbd89154712c217
-
SSDEEP
3072:KlF9A931sB/vH4BhESpMGTIvY3kWFIDpWY6M:2/qESljUWGpWYD
Score7/10-
Deletes itself
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Suspicious use of SetThreadContext
-