General
-
Target
ChatGPT
-
Size
288KB
-
Sample
230301-smj95agf83
-
MD5
b63cbb1a6d65b0519a945f8e2eb3c154
-
SHA1
a855dea2f8b65cba410a89ebc6ddabcdbf0de14d
-
SHA256
7042f150be2f0007b8cb09bdf84036dabae16daafb53cbae139e31d49f3edb4b
-
SHA512
082ed4c5fdf2a171a41892ce3d58e15ec3454c47a24472b42bf45537d741a2d587a33ea02e5613c998118a7da1a5ddd8efd71d1afca81510e854a32726855b15
-
SSDEEP
6144:5TRgFloWDuqJwtrBI38EY8qiy1v+m//Q1RJGRJRRJLRJ2/XBR8fgnIEFOUtDR6gq:1RgFloNtrBI38EY8qiy1v+m//Q1RJGR1
Malware Config
Targets
-
-
Target
ChatGPT
-
Size
288KB
-
MD5
b63cbb1a6d65b0519a945f8e2eb3c154
-
SHA1
a855dea2f8b65cba410a89ebc6ddabcdbf0de14d
-
SHA256
7042f150be2f0007b8cb09bdf84036dabae16daafb53cbae139e31d49f3edb4b
-
SHA512
082ed4c5fdf2a171a41892ce3d58e15ec3454c47a24472b42bf45537d741a2d587a33ea02e5613c998118a7da1a5ddd8efd71d1afca81510e854a32726855b15
-
SSDEEP
6144:5TRgFloWDuqJwtrBI38EY8qiy1v+m//Q1RJGRJRRJLRJ2/XBR8fgnIEFOUtDR6gq:1RgFloNtrBI38EY8qiy1v+m//Q1RJGR1
Score8/10-
Downloads MZ/PE file
-
Sets file execution options in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Registers COM server for autorun
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Legitimate hosting services abused for malware hosting/C2
-
Checks system information in the registry
System information is often read in order to detect sandboxing environments.
-