General
-
Target
26cbcdf87d4edcd15ed03693fa12801daa8471bc9707d9b0afbb84a41ab5e42e
-
Size
329KB
-
Sample
221128-my85qsda9z
-
MD5
304e87b1a549495812c9e34ffd033540
-
SHA1
52b5f12b6a5167b29dbf15c0c7704a7c2871b134
-
SHA256
26cbcdf87d4edcd15ed03693fa12801daa8471bc9707d9b0afbb84a41ab5e42e
-
SHA512
02e5ecdc0a7846088fdedeb3da5013d7de41dc71957f2f82586a6e75abd00e6418f9d06cf439cb426e7151852ec414929e0c164acae24fd69c6c901bebd63358
-
SSDEEP
6144:7qpxvlACym6wGGWFGDwZyoJ3fzBeM6SpktqHQI6mVk8cL3/CzYjsHh:7qjvlA06wLBHAf9eMvHwmVkhL36zYwHh
Static task
static1
Behavioral task
behavioral1
Sample
26cbcdf87d4edcd15ed03693fa12801daa8471bc9707d9b0afbb84a41ab5e42e.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
26cbcdf87d4edcd15ed03693fa12801daa8471bc9707d9b0afbb84a41ab5e42e.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
26cbcdf87d4edcd15ed03693fa12801daa8471bc9707d9b0afbb84a41ab5e42e
-
Score
8/10
-
Drops file in Drivers directory
-
Possible privilege escalation attempt
-
Sets service image path in registry
-
Deletes itself
-
Modifies file permissions
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Drops file in System32 directory
-