General
Target: VS.exe
Size: 501.9MB
Sample: 230331-xswybsea4s
MD5: 8d2f3562833dbffd2fd130f52bcfe8c3
SHA1: 5e2cf3d9eb67b8da239266265cebb989423b50c2
SHA256: d39f8f45f12d0654d1ec357e88e3b2794ec3ba3fa3a59fe8879debb67ef166d5
SHA512: c11f5d80afffad7471535f411d2d3ac166cdd288837329a69d84d6c94beaa989cb48df886cafcd70d6505c969accb967a3aafbc8aedef7cfb9a39938935b5c26
SSDEEP: 12582912:ArDcJZsqAHssJfEHW9GhFDVpw7etV2dHPYERilv:UWt69Gh1VW7HuERuv
Static task
static1
Malware Config
Targets
- Modifies Windows Firewall
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.