General
Target: dcbfdd6793a3a5fe9313bd0ea365174cd9ff3342d8ba9aecea94c3f3b9d3fa6d
Size: 166KB
Sample: 221204-rpexrabe2s
MD5: b1cb0300f9868a50baabb567cd9ae957
SHA1: 22ac970e14e377b44f1b12e9689706fd68a7d1b8
SHA256: dcbfdd6793a3a5fe9313bd0ea365174cd9ff3342d8ba9aecea94c3f3b9d3fa6d
SHA512: 8db2e4875a9aa656874413be8428201951d8f0762fe0e7560d406a14eb15d12be8957d0705b63fb6e8df117814f66622a07e97d4d5a4827c1a15cdeb8f8effe8
SSDEEP: 3072:jLbKuZKzXw2RjwkfqrIWUEbskfsmbL9Nn0uNFi+O0xShCzukYr+:bhKDHpwspcb4mn9Nr5OCgCzuBK
Static task: static1
Behavioral task: behavioral1
Sample: dcbfdd6793a3a5fe9313bd0ea365174cd9ff3342d8ba9aecea94c3f3b9d3fa6d.exe
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: dcbfdd6793a3a5fe9313bd0ea365174cd9ff3342d8ba9aecea94c3f3b9d3fa6d.exe
Resource: win10v2004-20220901-en
Malware Config
Targets
Target: dcbfdd6793a3a5fe9313bd0ea365174cd9ff3342d8ba9aecea94c3f3b9d3fa6d
Score: 8/10
Executes dropped EXE
Loads dropped DLL
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
Drops file in System32 directory
Suspicious use of NtSetInformationThreadHideFromDebugger