General
-
Target
0ff9140d942e3a19c7dcb70958d8a72b98a1549578e9fb91ae159398ff750446
-
Size
267KB
-
Sample
221126-y9abbscc48
-
MD5
9d9aac18c62290539c705bc16a7461ec
-
SHA1
f92486488122b019162c7d4e6c867304997f464c
-
SHA256
0ff9140d942e3a19c7dcb70958d8a72b98a1549578e9fb91ae159398ff750446
-
SHA512
66216aec72d73f47f29e069884c2cbde67c086f567cbd9d636d26f8a733fe41c7b8fe9624767c8553def76a817e2411b1f9244166481a3442b65aa78a0de8a29
-
SSDEEP
6144:2LIIUuWWBC6c5V4GS1Xl6aXqb1E/21w0kIerV:GIIUbWm471Xs5EWw0Veh
Malware Config
Targets
-
-
Target
0ff9140d942e3a19c7dcb70958d8a72b98a1549578e9fb91ae159398ff750446
-
Size
267KB
-
MD5
9d9aac18c62290539c705bc16a7461ec
-
SHA1
f92486488122b019162c7d4e6c867304997f464c
-
SHA256
0ff9140d942e3a19c7dcb70958d8a72b98a1549578e9fb91ae159398ff750446
-
SHA512
66216aec72d73f47f29e069884c2cbde67c086f567cbd9d636d26f8a733fe41c7b8fe9624767c8553def76a817e2411b1f9244166481a3442b65aa78a0de8a29
-
SSDEEP
6144:2LIIUuWWBC6c5V4GS1Xl6aXqb1E/21w0kIerV:GIIUbWm471Xs5EWw0Veh
Score9/10-
CryptOne packer
Detects CryptOne packer defined in NCC blogpost.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Suspicious use of SetThreadContext
-