General
-
Target
fb0a5734696d52578e4fca879389103c71aebfe13a36f56ad39ceada41d99618
-
Size
2.6MB
-
Sample
221128-jn78xafh76
-
MD5
eeee47c77685239c2fb5fae7492901c6
-
SHA1
f8c66c12d38cec2963db4408ad7c883e1fdc456d
-
SHA256
fb0a5734696d52578e4fca879389103c71aebfe13a36f56ad39ceada41d99618
-
SHA512
e87b2abcdd0ab0833f85cadba95269b7f30f462e8b06fb486178244b466bd2ca1ada8110c932c91b40ceaac12a60a62360ddae31a4a15884dc222ae1108bc0cd
-
SSDEEP
49152:QpPaSddXndTaA0Hqy8g5tCe3350u6jI/oZQy9ej1QordiAXrEomKlD:Gpx0Ky8g5tbnyI/g+PoYD
Static task
static1
Behavioral task
behavioral1
Sample
fb0a5734696d52578e4fca879389103c71aebfe13a36f56ad39ceada41d99618.exe
Resource
win7-20220812-en
Malware Config
Targets
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Drops file in Drivers directory
-
Executes dropped EXE
-
Possible privilege escalation attempt
-
Sets service image path in registry
-
Deletes itself
-
Loads dropped DLL
-
Modifies file permissions
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Drops file in System32 directory
-