General
-
Target
ClassicShellSetup_4_3_1.exe
-
Size
6.9MB
-
Sample
230331-yeb7fach44
-
MD5
230d1965a035bc4c894941caa3d19a32
-
SHA1
317604eba6e94e8777741d577b0ef160a0af3258
-
SHA256
942c7ee37303c962628555e196eb35f4465bb45d204600dd2518dd20ddebe5e2
-
SHA512
00ac51bdf37bde44668e5cf20854f67df1b222959f8876e2fc3d05814cdb7b11c728411e5ce04187c7fb9c7939cab56cffaa3a8f02bf0a17437dcf7af51755a4
-
SSDEEP
196608:1fCy8wAafvB9W95jcOqihiDXHzk2w5gzOAiZiU8sXo:Uy8wAafEjnqzkt//s
Malware Config
Targets
-
-
Target
ClassicShellSetup_4_3_1.exe
-
Size
6.9MB
-
MD5
230d1965a035bc4c894941caa3d19a32
-
SHA1
317604eba6e94e8777741d577b0ef160a0af3258
-
SHA256
942c7ee37303c962628555e196eb35f4465bb45d204600dd2518dd20ddebe5e2
-
SHA512
00ac51bdf37bde44668e5cf20854f67df1b222959f8876e2fc3d05814cdb7b11c728411e5ce04187c7fb9c7939cab56cffaa3a8f02bf0a17437dcf7af51755a4
-
SSDEEP
196608:1fCy8wAafvB9W95jcOqihiDXHzk2w5gzOAiZiU8sXo:Uy8wAafEjnqzkt//s
Score8/10-
Blocklisted process makes network request
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-