General
-
Target
34b6a86fdbd39c8174dc6b707efed9a6d8c60b52185f696a1cc8bac8d15861f7
-
Size
671KB
-
Sample
221126-ajgqqaca5s
-
MD5
904ea4ab8e83c9da097992e3074f7c30
-
SHA1
5c2aba18286c7b375e7087a44ea1326b2960036e
-
SHA256
34b6a86fdbd39c8174dc6b707efed9a6d8c60b52185f696a1cc8bac8d15861f7
-
SHA512
577af28fc241af08b529c48afbc7776300df2710ec830e9e81be03df03b1fb3531d712c234a94c2aa2e3238e6c2c0768e82ee7a3d408bba1a86160c1468d6411
-
SSDEEP
12288:SknDOg+vAcSLbYXc3uAN72T2s8cfwN8N4UbCkO2ELN0YpUovDAXc:/DU3SLbYXc3uA92feON4iBOvLGYppbAs
Static task
static1
Behavioral task
behavioral1
Sample
34b6a86fdbd39c8174dc6b707efed9a6d8c60b52185f696a1cc8bac8d15861f7.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
34b6a86fdbd39c8174dc6b707efed9a6d8c60b52185f696a1cc8bac8d15861f7.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
34b6a86fdbd39c8174dc6b707efed9a6d8c60b52185f696a1cc8bac8d15861f7
-
Size
671KB
-
MD5
904ea4ab8e83c9da097992e3074f7c30
-
SHA1
5c2aba18286c7b375e7087a44ea1326b2960036e
-
SHA256
34b6a86fdbd39c8174dc6b707efed9a6d8c60b52185f696a1cc8bac8d15861f7
-
SHA512
577af28fc241af08b529c48afbc7776300df2710ec830e9e81be03df03b1fb3531d712c234a94c2aa2e3238e6c2c0768e82ee7a3d408bba1a86160c1468d6411
-
SSDEEP
12288:SknDOg+vAcSLbYXc3uAN72T2s8cfwN8N4UbCkO2ELN0YpUovDAXc:/DU3SLbYXc3uA92feON4iBOvLGYppbAs
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Drops file in Drivers directory
-
Possible privilege escalation attempt
-
Sets service image path in registry
-
Deletes itself
-
Loads dropped DLL
-
Modifies file permissions
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Drops file in System32 directory
-