General
-
Target
f4c347578375480b1ceaf214daabfa5fdc5d5a6248fb32bfff4352497fdb7029
-
Size
56KB
-
Sample
221202-w8qwksga8t
-
MD5
d26d594e36a1cfd2d1e353147708879b
-
SHA1
60383db0353e19897569029e7177a2b4d43c015b
-
SHA256
f4c347578375480b1ceaf214daabfa5fdc5d5a6248fb32bfff4352497fdb7029
-
SHA512
b6b447ded22588b1992940134e44203aad76af61d86d7e471ee5ab39eb2dd8638590cf1842d19c8256741f395b6e9171e986e6b62e665e07e20ecd33a46d0474
-
SSDEEP
1536:23IoLbgcVrVopPx2IS1HsRYt9fHIEyyN6z:WrbgcmJ2IwsWt1I3gs
Static task
static1
Behavioral task
behavioral1
Sample
f4c347578375480b1ceaf214daabfa5fdc5d5a6248fb32bfff4352497fdb7029.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
f4c347578375480b1ceaf214daabfa5fdc5d5a6248fb32bfff4352497fdb7029.exe
Resource
win10v2004-20220901-en
Malware Config
Targets
Target
f4c347578375480b1ceaf214daabfa5fdc5d5a6248fb32bfff4352497fdb7029
-
Score
8/10
-
Adds policy Run key to start application
-
Deletes itself
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Suspicious use of SetThreadContext
-