General
-
Target
024e5a2bef86fcfab4c9ee4d540e0468a2281b889e632366a2a0ce788becd27e
-
Size
26.0MB
-
Sample
221126-lrkywsbf61
-
MD5
1f252dde759d798e6012fc7495e21118
-
SHA1
ba8fcb3b5f1645775ace4cc9fdebfd22f8e57ccc
-
SHA256
024e5a2bef86fcfab4c9ee4d540e0468a2281b889e632366a2a0ce788becd27e
-
SHA512
71bdcf233ed403b539cb3b65f28dec9237f8f77ed5395aea651d07b2af89f48440c30824b699322d53e7ddca3efcaaaf1488787807f0eabb5c607a0defa999de
-
SSDEEP
393216:T5oeevFjjV3IxQILWalbLSGcuO7ilnrgv0TQT0ntb70cgrgnZP2oFCJKhxbQ:VoTdFalb+G3Omlnu0ntjbZP2oFAv
Static task
static1
Behavioral task
behavioral1
Sample
s11111etup-hall.exe
Resource
win7-20221111-en
Malware Config
Targets
-
Target
s11111etup-hall.exe
-
Size
26.0MB
-
MD5
5d67bb43360716d0c964ce9e7946300e
-
SHA1
1b00bb81f660f738a9d0c1bdb0caa4e770888999
-
SHA256
930cd80a6be9bc4be07c14e47f0f3b1cd7718e9cc6f609ef4d527d083fac423a
-
SHA512
9bd129d2120a1302e874d58c1fd965edb84fa809747bd9fe570934d474308fbfd4654472cf6109b13230ed1a990d154336af347c781429081a11616a2503a290
-
SSDEEP
393216:G5oeevFjjV3IxQILWalbLSGcuO7ilnrgv0TQT0ntb70cgrgnZP2oFCJKhxbz:QoTdFalb+G3Omlnu0ntjbZP2oFAG
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Drops file in Drivers directory
-
Executes dropped EXE
-
Possible privilege escalation attempt
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Modifies file permissions
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Program crash
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext