General
Target: 23d1b2bcaf298f1d5d5f3b94da8bb25d8508257b5b1faaa4e693e0674dbccfda
Size: 11.3MB
Sample: 221126-e4gcxaca26
MD5: 5bedb97fe58d9500b376f46fad2ece28
SHA1: 2fb3d683ef52bf434b6baec7e6cd0b24bf20cf35
SHA256: 23d1b2bcaf298f1d5d5f3b94da8bb25d8508257b5b1faaa4e693e0674dbccfda
SHA512: 2da8c05cdcb3e7425bc72fd2ec5bbb07f4b527b89eb4835cbb8cfdb421da2f62b50c8db9c25920dca44fcb0a6cc7997682f6700213f1135e02024818b501e291
SSDEEP: 196608:0VCHJX56teE04SCElajuPcG8efT+7nxwSn4BR/Hj7pkpw16kgXJ2QxQv31UutXKZ:AEzTE1S0I8O+7xwxBFj7pMC6k4J2QxQ2
Static task: static1
Behavioral task: behavioral1
Sample: 23d1b2bcaf298f1d5d5f3b94da8bb25d8508257b5b1faaa4e693e0674dbccfda.exe
Resource: win7-20220812-en
Malware Config
Targets
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Checks for common network interception software
Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
-
Executes dropped EXE
-
Sets file execution options in registry
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-