General
-
Target
AnyDesk.exe
-
Size
3.9MB
-
Sample
230421-bewvhsdc77
-
MD5
d9f15227fefb98ba69d98542fbe7e568
-
SHA1
248795453ceb95e39db633285651f7204813ea3a
-
SHA256
5b70972c72bf8af098350f8a53ec830ddbd5c2c7809c71649c93f32a8a3f1371
-
SHA512
76f8fb624bdf303f7ce7db234775b30385146734aa5e94830efc0601aa7a056d30f37d59c6f86a6ed0ab59da3134bd3a2a07402d08474e4e34a2000e6eea27aa
-
SSDEEP
98304:4FuXMFkEMXhX1cjJZWp51o1xCw3YnoBWr+/vf8A:4FuXMFkdXZMJu5ujb3YnosSXf8A
Malware Config
Targets
-
-
Target
AnyDesk.exe
-
Size
3.9MB
-
MD5
d9f15227fefb98ba69d98542fbe7e568
-
SHA1
248795453ceb95e39db633285651f7204813ea3a
-
SHA256
5b70972c72bf8af098350f8a53ec830ddbd5c2c7809c71649c93f32a8a3f1371
-
SHA512
76f8fb624bdf303f7ce7db234775b30385146734aa5e94830efc0601aa7a056d30f37d59c6f86a6ed0ab59da3134bd3a2a07402d08474e4e34a2000e6eea27aa
-
SSDEEP
98304:4FuXMFkEMXhX1cjJZWp51o1xCw3YnoBWr+/vf8A:4FuXMFkdXZMJu5ujb3YnosSXf8A
Score7/10-
Executes dropped EXE
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks system information in the registry
System information is often read in order to detect sandboxing environments.
-
Drops file in System32 directory
-