General
Target
fb7fb354d53bba7d8b06e54ff4353391104309bde96ed4dfb61cfd4734616fcd
Size
518KB
Sample
221128-dagk5shg53
MD5
2967db42ae55218f11340027c64331fe
SHA1
1bb9e2bf9e5a27f113f521dde30646af18c2cbd5
SHA256
fb7fb354d53bba7d8b06e54ff4353391104309bde96ed4dfb61cfd4734616fcd
SHA512
4f84c6e045c88f93480522e8c35a3d701fa36bbee6285c1550d4cb1af87d06661daa31647ae9c2e1f4a8a31cbab7e58165c67f710bf71992b7d40b177ebb28e0
SSDEEP
12288:h6zkzrbETCl/7ZBH+Fxc3sgmrpgkue8lP5/w+FirOHskFgFwIyXCDu8:n76Cp7ZBH+FeNt7mr6skFgqIyX
Static task
static1
Behavioral task
behavioral1
Sample
fb7fb354d53bba7d8b06e54ff4353391104309bde96ed4dfb61cfd4734616fcd.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
C:\odt\ReadMe.txt
http://obzuqvr5424kkc4unbq2p2i67ny3zngce3tbdr37nicjqesgqcgomfqd.onion/?101ZQRTVWYA
https://yip.su/2QstD5
Targets
Target
fb7fb354d53bba7d8b06e54ff4353391104309bde96ed4dfb61cfd4734616fcd
Score 10/10
Modifies Installed Components in the registry
Drops desktop.ini file(s)
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
Suspicious use of SetThreadContext