General
Target: Patch22.rar
Size: 131KB
Sample: 230115-ndvx2shh41
MD5: 830a22baec71951dbeb43e530b49aff0
SHA1: 9f45dad07e389f71751ada7123088d2aa280c258
SHA256: d7314ef013e8b31545e7e726328281f813b0e8e291f2e1329af888b2b74187dc
SHA512: 4ac8db0424133ba2e4b5608393f90b25abf6190e27d462eef4a296c799e1c38dd6005e853b7200521bf42b829625c05d767d5c0f78179b2c46e8279604c0819f
SSDEEP: 3072:9JyOxXeC1EHdVx/4TkWJ+zMX6JQSfBpALz+W6VZ:9JbxSHp4XJYnBBSJ2
Static task: static1
Behavioral task: behavioral1
Sample: 0 - Piriform-BlockerKeyVerificator_RunAsAdministrator.cmd
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: 0 - Piriform-BlockerKeyVerificator_RunAsAdministrator.cmd
Resource: win10v2004-20221111-en
Behavioral task: behavioral3
Sample: CCleaner_Patch22.exe
Resource: win7-20221111-en
Behavioral task: behavioral4
Sample: CCleaner_Patch22.exe
Resource: win10v2004-20221111-en
Malware Config
Targets
Target: 0 - Piriform-BlockerKeyVerificator_RunAsAdministrator.cmd
Size: 4KB
MD5: 6ba5c46261ff52e7438f21ccef5f8c7e
SHA1: acdf309fbfebecb7a93b78068fc1498fae4d9e62
SHA256: f7d87d0a3977d9ed4ed6eaa2da2fe2aea9564f58cf062f828dec0aa21d9ec11e
SHA512: 106b05fbeca31c78e5e5f33cbd62580aac1b4ef781a78ac2cbe80f92eb01f75beeaa480772dcf2f9f2bbea178e681aff2247dd3d08387b35ca507b90b4a5cc43
SSDEEP: 96:zGXTD6E4YsQlPtYyjZW0vQH5aROc37gC9r2of6:zeDn4YsQlPtYyjZW0vQH5aROc37gC9rA
Drops file in Drivers directory
Possible privilege escalation attempt
Modifies file permissions

Target: CCleaner_Patch22.exe
Size: 129KB
MD5: f3f183ba8a3c43dfcbef0396ad5d917b
SHA1: 8a6edcfa27a7f29cab0d6e2f0595eec2c8b2c123
SHA256: 849d56ebcfdc2cb97c4a7ab9c961c3b7b80700d43963b7db2b6934609de6104d
SHA512: 2b997fa759e206ac1576615e048f0f11665c2ae57abe55e780022796c02214aaf66fbe6d7ea37152908f833ab8c6ddbdf9a53fa96910f499aa9850e6e3170c77
SSDEEP: 3072:uNDCOSp3CvdHOcJn+UAQBRnLEH+JkMZOuYfc0WN:kSpwlrJiARO+jOVfl
Score: 7/10
Loads dropped DLL