General
-
Target
bb6737fc2dcb136b6a1c28ea6bc1a16e9feeb2266949e41607dd5d2562a37de3
-
Size
847KB
-
Sample
221127-sg741abc4s
-
MD5
e6129848fc34f8e3b021abb346d6c398
-
SHA1
05da7c1a5008891b6242c60b2e426f4edefe06be
-
SHA256
bb6737fc2dcb136b6a1c28ea6bc1a16e9feeb2266949e41607dd5d2562a37de3
-
SHA512
5091ec97b4c559d936c0196ba7d7e8cb6371461fc820bcd6ed4fb9b07a03d56e74f1d10ede87a5cdcc8d42d427699a7b6c2a107ab8cd0c361920e9fc66a1337b
-
SSDEEP
12288:+PdvxyWzoUaUmN68LAt4WlACSORF9RmZUO2nu19nOmCpYhY6CBTX:+LyvF5NV+MORFrQ119nOVOhVk
Malware Config
Targets
-
-
Target
bb6737fc2dcb136b6a1c28ea6bc1a16e9feeb2266949e41607dd5d2562a37de3
-
Size
847KB
-
MD5
e6129848fc34f8e3b021abb346d6c398
-
SHA1
05da7c1a5008891b6242c60b2e426f4edefe06be
-
SHA256
bb6737fc2dcb136b6a1c28ea6bc1a16e9feeb2266949e41607dd5d2562a37de3
-
SHA512
5091ec97b4c559d936c0196ba7d7e8cb6371461fc820bcd6ed4fb9b07a03d56e74f1d10ede87a5cdcc8d42d427699a7b6c2a107ab8cd0c361920e9fc66a1337b
-
SSDEEP
12288:+PdvxyWzoUaUmN68LAt4WlACSORF9RmZUO2nu19nOmCpYhY6CBTX:+LyvF5NV+MORFrQ119nOVOhVk
Score8/10-
Drops file in Drivers directory
-
Possible privilege escalation attempt
-
Sets service image path in registry
-
Deletes itself
-
Modifies file permissions
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Drops file in System32 directory
-