General
-
Target
HousecallLauncher64.exe
-
Size
3.5MB
-
Sample
230506-stfkhshg39
-
MD5
418e07b780152848328a5157f6ab9f1a
-
SHA1
0f9fc8d36792ddac8a4b5b121665206719e7aad2
-
SHA256
1837fc18d5b779a7b47bb9163a7c93c995a7c814c2b38cc16a0cf2419bf8d2d1
-
SHA512
fdac16d696fffecb955188d020baaef8ab0b8ae41f418cfba2f90a7a0d0cfc8a56e1ec0941b20e3bd3f9f1defe66d93e2b327eb9b746a8e7ef705178e52682fc
-
SSDEEP
49152:8gJfAqJHqm4ekAKxJpmssTBSg1L0xQsUAinAqriB19QwP5Sd4B24uQ2Mss/pDsAu:8gCmZHJoWJ2oAqWBvQTETRWL
Static task
static1
Behavioral task
behavioral1
Sample
HousecallLauncher64.exe
Resource
win7-20230220-en
Malware Config
Targets
-
-
Target
HousecallLauncher64.exe
-
Size
3.5MB
-
MD5
418e07b780152848328a5157f6ab9f1a
-
SHA1
0f9fc8d36792ddac8a4b5b121665206719e7aad2
-
SHA256
1837fc18d5b779a7b47bb9163a7c93c995a7c814c2b38cc16a0cf2419bf8d2d1
-
SHA512
fdac16d696fffecb955188d020baaef8ab0b8ae41f418cfba2f90a7a0d0cfc8a56e1ec0941b20e3bd3f9f1defe66d93e2b327eb9b746a8e7ef705178e52682fc
-
SSDEEP
49152:8gJfAqJHqm4ekAKxJpmssTBSg1L0xQsUAinAqriB19QwP5Sd4B24uQ2Mss/pDsAu:8gCmZHJoWJ2oAqWBvQTETRWL
-
Downloads MZ/PE file
-
Drops file in Drivers directory
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops file in System32 directory
-
Modifies termsrv.dll
Commonly used to allow simultaneous RDP sessions.
-