General
-
Target
Windows_7_ACTIVATION.zip
-
Size
1.7MB
-
Sample
230402-3hd8esbf36
-
MD5
518458d2198a0bf1d89e0f8b128890f0
-
SHA1
0161144088a410e758d2ebc28bd91662b78adc2b
-
SHA256
e248206e2605e7472824f51e8195d1e709a4dbf375098a2b725e533ba94dabd8
-
SHA512
5df04e3ab5a99c7625b6c902126c02fdae38543bc62bfe5d750a5764c8d8f1815a8e726ca28b5e716b76090425638e3f20ecf8441ea47e1363379060aa52d2f2
-
SSDEEP
24576:YJRnm7placo6SiG+PHdxo5R1XnKCKZYI+XA5TDMSI7C67TQehTtntt8wZcvjXr6u:OlIm+xoj1XKZt+Q5BSC67TDRt9Zc7eu
Malware Config
Targets
-
-
Target
Windows 7 Activation.exe
-
Size
3.8MB
-
MD5
3976bd5fcbb7cd13f0c12bb69afc2adc
-
SHA1
3b6bdca414a53df7c8c5096b953c4df87a1091c7
-
SHA256
bf5070ef8cf03a11d25460b3e09a479183cc0fa03d0ea32e4499998f509b1a40
-
SHA512
0e34171ea0118f4487bc78954b9a388eac9ee203323e86746616c746a1543b8c4190397fc578d8fc5dd1e151862172fd1c444a42d4b59c18551959c2a19cf341
-
SSDEEP
49152:wEYCFEfn+4NWcNKg/ngk4mY0bI1Wymfgvn81yJffTpuWV355FXw/+cuWV355FXwm:wEYz38cgg/ngk4mYfA7fgvn812nv
Score8/10-
Possible privilege escalation attempt
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Executes dropped EXE
-
Modifies file permissions
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-