General
-
Target
DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
-
Size
8.4MB
-
Sample
230328-vvcalacb79
-
MD5
33392cd0b796d29536f5f7395ce848bd
-
SHA1
2f7b3514f6c5bfac7ef8a191827566117da3fc64
-
SHA256
d45a0055ec3bc02e7eb412d7c1b0aba124966a827db66f7bdbc6ac035d8bbf33
-
SHA512
b3a997bc43a1a2c199445bf12be0843def35f08c4dd4a512f2bf80b8f523c679ec976a9d34cd8a8309a5d021b7551e99ddedbc1bdc8c4739882914b5f964dcaa
-
SSDEEP
196608:fLpq7HUPSNCk6cpYiBQhHJ9umZV7/l0J7mnN62AAERvtpe:fLUEQscpYiGdJtVyJ7mN62AAye
Static task
static1
Malware Config
Targets
-
Target
DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks for any installed AV software in registry
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-