General
-
Target
475f6988485f75d5af42a66ab3fa558abadc32fbd84f8722b203ba1eb32a7256
-
Size
5.1MB
-
Sample
221128-c7lexsde5z
-
MD5
60cfb83113b569cfeab728f119619c91
-
SHA1
446d8ac889a375895d82b5cf8805e66af60ea6d9
-
SHA256
475f6988485f75d5af42a66ab3fa558abadc32fbd84f8722b203ba1eb32a7256
-
SHA512
4ba377476fc83be49e25aa4ff0494e16280b3693bfc62528a9cbf4f8862541d433def94b36cc77b46765bffac9df57005907532146fd258e397c5f5ec0427b7a
-
SSDEEP
98304:MgKU9PkBvL3VTnCThR3sFbY5DFy3boE3IjfvbnlS3oAb7H13cIOx7vQsNZsqq:1KCILFTnCTn3sBAi3IjfvbnsbD13oxEX
Static task
static1
Behavioral task
behavioral1
Sample
475f6988485f75d5af42a66ab3fa558abadc32fbd84f8722b203ba1eb32a7256.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
475f6988485f75d5af42a66ab3fa558abadc32fbd84f8722b203ba1eb32a7256.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
475f6988485f75d5af42a66ab3fa558abadc32fbd84f8722b203ba1eb32a7256
-
Checks for common network interception software
Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-