General
-
Target
53fa0f98a32df0bfd26e75c93736c6065e48afcfb8c07daa4061e734a3a4606d
-
Size
55KB
-
Sample
221126-zef13acg26
-
MD5
ef5c10fa9db540b66fc82a086f61f981
-
SHA1
00d114669456022f2336f1d113bd60cf4ddf1ac6
-
SHA256
53fa0f98a32df0bfd26e75c93736c6065e48afcfb8c07daa4061e734a3a4606d
-
SHA512
9a1cbab89386e8b37de5a380222b1d088c44cc2bfc6c7dad0669015b3079646916be43bc8c135dd0248a39b8ec0333454cd5b13bd983226667425c96006f6715
-
SSDEEP
1536:NH+kTd7LmblCDGiSgiOSO69Qf3r4TUNbhUAy7uGyv:NldfDZo9Bq2Ae5E
Malware Config
Targets
-
-
Target
53fa0f98a32df0bfd26e75c93736c6065e48afcfb8c07daa4061e734a3a4606d
-
Size
55KB
-
MD5
ef5c10fa9db540b66fc82a086f61f981
-
SHA1
00d114669456022f2336f1d113bd60cf4ddf1ac6
-
SHA256
53fa0f98a32df0bfd26e75c93736c6065e48afcfb8c07daa4061e734a3a4606d
-
SHA512
9a1cbab89386e8b37de5a380222b1d088c44cc2bfc6c7dad0669015b3079646916be43bc8c135dd0248a39b8ec0333454cd5b13bd983226667425c96006f6715
-
SSDEEP
1536:NH+kTd7LmblCDGiSgiOSO69Qf3r4TUNbhUAy7uGyv:NldfDZo9Bq2Ae5E
Score8/10-
Sets DLL path for service in the registry
-
VMProtect packed file
Detects executables packed with VMProtect commercial packer.
-
Deletes itself
-
Loads dropped DLL
-
Drops file in System32 directory
-