General
-
Target
0753ad3ab09da170e8ed74c05bedd1efbeb772768dea6c54f976b0932a51df6b
-
Size
80.5MB
-
Sample
230607-vwvhkaea8y
-
MD5
5d084b1901f13e46b747fcc82f7e10b1
-
SHA1
1635f3678d02291c5a5b78df8c429e273cca0b30
-
SHA256
0753ad3ab09da170e8ed74c05bedd1efbeb772768dea6c54f976b0932a51df6b
-
SHA512
d1a7e269925b50ecd44b97ed39372a918896a4e976c6b9ab09ae948a27af15205cb3c5aee698d80844096c293910d61e402120758e9a46c1def576e8a0d15f7b
-
SSDEEP
1572864:i0mBl123uKwMxmeK6GyXHdUoIL95a426hwN/T1xF6GXtayb5tBLGUOtFohz:33uKwFF6ubNhG1xgGXXtBaUzB
Static task
static1
Behavioral task
behavioral1
Sample
0753ad3ab09da170e8ed74c05bedd1efbeb772768dea6c54f976b0932a51df6b.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
0753ad3ab09da170e8ed74c05bedd1efbeb772768dea6c54f976b0932a51df6b.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
Score
8/10
-
Blocklisted process makes network request
-
Drops file in Drivers directory
-
Registers new Print Monitor
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops file in System32 directory
-