3dcb76a3ce2130a17b5366d79639e19687ed4d1dbb3f60a5d8ca96139f4990e2

General

Target

chewwga_olXFF2Wv.zip
Size

12.0MB
Sample

221205-lw7nfsgg58
MD5

f638422a97bd83676daef49fb3ac9033
SHA1

3bd0bdc10e2d41611810d445d73cdeb7d4e7343d
SHA256

3dcb76a3ce2130a17b5366d79639e19687ed4d1dbb3f60a5d8ca96139f4990e2
SHA512

b5b2480a80de2e1981f912bf036bc084314a09ba34847a2c63b241ad7463ca087051af1349b84ac4f0eacf2e02afdff372c3d9b94d2158bfd9783f81f23367c7
SSDEEP

196608:pKM5aUpAI6rSLKSu9gqUd09yHwP93FLr767UsJTnCd2S7DF2GnKxDEkexeld86P6:gWP8eBuCHI9hry2dD7J2Gn6Axxeld86C

Score

9^/10

Malware Config

Targets

- Target
  
  .............exe
- Size
  
  5.8MB
- MD5
  
  288d7d66024b6562feeb4d6baed41849
- SHA1
  
  cb9efb823a462d1afc8057839fecd224d661102a
- SHA256
  
  7dfffd124e41f73e266f806951457060dfff9950caca0fcd1c542ff5e9a21e34
- SHA512
  
  1793b4c153f4277d65cf99b2758c586f4a59234760916280deab35ae69bd48b3584ba76474243ac67efb98c052b4e9a184c16b93b10ea92292eac46224cf334a
- SSDEEP
  
  98304:LX44Xe8aIUM7LhfXMObVARKlsZjLusEBHYCzg1OnW/T+1zS2owMVMowF:7VXeNIUuWObuRKIu5Y0CozSnw7bF
Score

8^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2
- Target
  
  chewwga_olXFF2Wv.exe
- Size
  
  6.6MB
- MD5
  
  f3d847032cec2ab6ef9513e231805bff
- SHA1
  
  9dd0124aa153be4f868938f7b09bde70dba62e81
- SHA256
  
  0f2e5b72399b46ed8b75dc1ba60eafbca36603da5e42ea12ac9ce4670e798c0c
- SHA512
  
  969f8f4317e8fc41f4d54b0e5e0f5ed7304886b926fdec29c69da8d968a57a6c85d2878f5c1f37775db3af1a61c89a8f66d8cbe29e0a7b0d0c6807a54595b298
- SSDEEP
  
  196608:l5B3FW5UYJNFy1AS7r3QO/C5LQ8wdYRBQ2ni7CAp:93Ya1x7jQO/0EXdYRBQ2kCAp
Score

9^/10

discovery persistence upx
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Downloads MZ/PE file
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops file in System32 directory
behavioral3 behavioral4