General
Target: 1buttonBETA2-22.exe
Size: 13.6MB
Sample: 230609-2fwh9aed6s
MD5: e92e66ade8266a34d040fb51ee5a379d
SHA1: 5db9d87344f71afafaef958b206b42751570a210
SHA256: d424f28ef64b3e38d8b5133a47aa6f77394a2a1f8c507346d56886a97f1ac2f0
SHA512: 7e8b28ed5a90fa9d27d1481286b6d0b22f6d02a66a27a083a6bc15dec0bf9e63c2d682ffd7286e34294ffc27deb2ede5a9217e2cbc02a125b1bb1fb5fbdd9706
SSDEEP: 393216:F5PhlA9gwuDivSwwTmrgBNRY5zD2OgXv60XR0rI9KV3lPLZ:F5PTYgwp7wakBNRY5zU60XaPV3lP1
Static task: static1
Behavioral task: behavioral1
Sample: 1buttonBETA2-22.exe
Resource: win10v2004-20230220-en
Malware Config
Targets
Target: 1buttonBETA2-22.exe
Score: 10/10

Deletes NTFS Change Journal
The USN change journal is a persistent log of all changes made to local files used by Windows Server systems.

Clears Windows event logs

Nirsoft

Stops running service(s)

Drops startup file

Executes dropped EXE

Drops desktop.ini file(s)

Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.

Checks system information in the registry
System information is often read in order to detect sandboxing environments.

Drops file in System32 directory