General

Target: 828e97849947eac4a9ca96aade810bc90564831d648a6b16c0c7902e465e6b74
Size: 2.4MB
Sample: 221129-hmgh5ahh3y
MD5: a96ea6b5bcb88b58bc87a32c8b19d697
SHA1: f1a1ac44bd43a65ff639cb9a29a1767c0b00fb70
SHA256: 828e97849947eac4a9ca96aade810bc90564831d648a6b16c0c7902e465e6b74
SHA512: d9c68d36cc78307d9c0d0240c9eb462a07dee0512b4b058bba4f2fb8d3b42ca3beeeb75afe4ab62b273b98a6fe0ff82b9cccbb2af12e70d5068793c7f771b413
SSDEEP: 49152:ySeQ9AYKVtE3mpwz2lIu2/exeEFTOrP/IXxwE1fYrleo2/uMo:deeKVtHm0u/exeEFTOj/IXyAwleXo

Behavioral task: behavioral1
Sample: ICONCH~1.exe
Resource: win7-20220901-en

Behavioral task: behavioral2
Sample: ICONCH~1.exe
Resource: win10v2004-20220901-en

Behavioral task: behavioral3
Sample: SERVER~1.exe
Resource: win7-20221111-en

Malware Config

Targets

Target: ICONCH~1.EXE
Size: 1.1MB
MD5: 714fec58517cf8ec758106f9e92cb4cd
SHA1: b1b03ba2dd2f94ce07b055854687fe5853324309
SHA256: a4ec43ad30c758d0a1737edcedd29934a442e0dc8b5ff95cb593b150becfad82
SHA512: 7eba6963e166e92992208587e11f20992f6166101708dee47282e405a393002266e098f6e7d2aade9c5edd6887c8192bf4eac3f5f797134beef334c81f459c3a
SSDEEP: 24576:2mQcUXo8ZwC+trY/dESAMtsYW3z6Hgc5OD+3zF3yiRFUh93AFI/eKwUoWHw:xw7vQrYVftPDOD8zg8Fw3iI/eRWQ
Score: 8/10
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.

Target: SERVER~1.EXE
Size: 1.8MB
MD5: 264df844abb71f9a049a52fe119a12d6
SHA1: 8fd1ff9fce8a02a4b5b434e67bd02d268ca0b955
SHA256: dee0020e745a6bd0eb21c46136e9573502ec8e3e9f785a99f3a3a6936c53b7be
SHA512: ac8c8faec9e7a311b14d30b4849ef725aa77d406c082078ca23c9415e2275fba30a58dcd2c0929bccece976b161d3bb006a3c91d916df8ad85d49cf4d3689300
SSDEEP: 49152:ZGR0ojUWvEtjD85JoQFbbKLT9f7B9BZW4Oj1:Zw00UaQDSJoQFXKLT9TB9Bw1
- Identifies Wine through registry keys: Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.