General
-
Target
Diablo.rar
-
Size
62.3MB
-
Sample
230321-cesnjaad3t
-
MD5
c898805fc52cc4cdcbab708ce689ddb4
-
SHA1
41781b91df67af1bc9b1eafd688ff3195cca2aa1
-
SHA256
d7f7749bde88ba1280b2e560778bab0234d40ea1a6f63dce8622fc2cc7271a09
-
SHA512
7e644b6b3ec7f59c41ca47ace70b233b94174331839bf8e32f8f81cfe79d0c6828681de761d4a8d2f4c510d63b51d26ec534ac8a7e90a81e061078bdc88b0fa7
-
SSDEEP
1572864:FBHP1Yqkw+B1lkVP+tqeozXwaxGfWCP1hadvKc71Yr9sj:FvtkblEP+tqZzXwkCP14KciBsj
Static task
static1
Behavioral task
behavioral1
Sample
Diablo.rar
Resource
win7-20230220-es
Behavioral task
behavioral2
Sample
Diablo.rar
Resource
win10-20230220-es
Behavioral task
behavioral3
Sample
Diablo.rar
Resource
win10v2004-20230220-es
Malware Config
Targets
-
-
Target
Diablo.rar
-
Size
62.3MB
-
MD5
c898805fc52cc4cdcbab708ce689ddb4
-
SHA1
41781b91df67af1bc9b1eafd688ff3195cca2aa1
-
SHA256
d7f7749bde88ba1280b2e560778bab0234d40ea1a6f63dce8622fc2cc7271a09
-
SHA512
7e644b6b3ec7f59c41ca47ace70b233b94174331839bf8e32f8f81cfe79d0c6828681de761d4a8d2f4c510d63b51d26ec534ac8a7e90a81e061078bdc88b0fa7
-
SSDEEP
1572864:FBHP1Yqkw+B1lkVP+tqeozXwaxGfWCP1hadvKc71Yr9sj:FvtkblEP+tqZzXwkCP14KciBsj
Score8/10-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies file permissions
-
Registers COM server for autorun
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-