General
-
Target
528e851829bc704e72399308a139291053468a53d2ca3a0fe4335f6a51fb8e0e
-
Size
1.7MB
-
Sample
221125-ygsl7sdh6z
-
MD5
3252406fbbe1a7a883ad6935b5ff7b44
-
SHA1
04a855b176cce65a5d8f5c5962cb071eb2829b12
-
SHA256
528e851829bc704e72399308a139291053468a53d2ca3a0fe4335f6a51fb8e0e
-
SHA512
86cea605369b07b01b5bbaf507e13091e5b21518c68f5b7e429f0390ed7202da370503f33ff6537ae165999c940587eda552522091769b36c1dc616868e47773
-
SSDEEP
49152:xjrGFvecsO1VyuA1zRUMjcXYzC5T2Ocjpm:4phDVy71zRtjodT2XjU
Static task
static1
Behavioral task
behavioral1
Sample
528e851829bc704e72399308a139291053468a53d2ca3a0fe4335f6a51fb8e0e.exe
Resource
win7-20220812-en
Malware Config
Targets
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Drops file in Drivers directory
-
Executes dropped EXE
-
Deletes itself
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-