General
-
Target
c342e3b65bdf154878b86880ec05a1e04bb1a44a2fa1fe4dbca40662a15452a3
-
Size
11.7MB
-
Sample
221126-e4s2psca39
-
MD5
c85b1bbf36dbb8b0e712c614089b512a
-
SHA1
7b0a01c1c0e6170fc2e7dd681addff6a9845b1ce
-
SHA256
c342e3b65bdf154878b86880ec05a1e04bb1a44a2fa1fe4dbca40662a15452a3
-
SHA512
3c83df266ca733424472c2d2648be488fbd0d28f6cf3f963de218d81c8bc4769d56aad2a177fcace7ce918b97ad8bff0342a8d26f153716801744dd2945d9176
-
SSDEEP
196608:A6b+pyFrwB5Yp/hX+AkZ74MAlfv2tX9jxHcvio9BRLGNAJX6bp7Wn0XHurVcX4Z6:5+gWB5o/hXlkubvWX9FHcviALGyapDuE
Static task
static1
Behavioral task
behavioral1
Sample
c342e3b65bdf154878b86880ec05a1e04bb1a44a2fa1fe4dbca40662a15452a3.exe
Resource
win7-20220812-en
Malware Config
Targets
-
-
Target
c342e3b65bdf154878b86880ec05a1e04bb1a44a2fa1fe4dbca40662a15452a3
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Checks for common network interception software
Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
-
Executes dropped EXE
-
Registers COM server for autorun
-
Sets file execution options in registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-