General
-
Target
4eadc2ad3c7273e14e0b8e59374a8549d01d5bbdbbc9419d781b9958c565dd21
-
Size
11.5MB
-
Sample
221126-e4cpqaca24
-
MD5
07334283d207bb63aba13b493f5808bf
-
SHA1
44d6c4427b962110d4e0bc83a53c98cf0c9a55c3
-
SHA256
4eadc2ad3c7273e14e0b8e59374a8549d01d5bbdbbc9419d781b9958c565dd21
-
SHA512
248f99ab02e145903077631582c1ad27035a0e55ca83e491589a1038238cf33552a79542e63fe3a0c30497fbe04bf35d1aaf58218571100e32b72aba76d9aa0e
-
SSDEEP
196608:AQfi2EhE0oYwoeoljF5Rz1uJcGD4YGLbKavOcWJlcAqMzzEEllYY6M1P1K:AQEmYleUjF5Rz1u+GD4bycOceWAqMzz2
Static task
static1
Behavioral task
behavioral1
Sample
4eadc2ad3c7273e14e0b8e59374a8549d01d5bbdbbc9419d781b9958c565dd21.exe
Resource
win7-20220812-en
Malware Config
Targets
-
-
Target
4eadc2ad3c7273e14e0b8e59374a8549d01d5bbdbbc9419d781b9958c565dd21
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Checks for common network interception software
Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
-
Executes dropped EXE
-
Sets file execution options in registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-