General
-
Target
532e97e0ff4498854440784c6e7bcb8ed84ca654fb4acf893e8255b8a8c37911
-
Size
1.4MB
-
Sample
230626-ds1rqsga56
-
MD5
59afa5bc60bf7b9adb7dd4a0df84c0d9
-
SHA1
e3aa21d37156ea87d87ccbd011cf84896621b572
-
SHA256
532e97e0ff4498854440784c6e7bcb8ed84ca654fb4acf893e8255b8a8c37911
-
SHA512
4453e05b34f44f2ed9af0a51dfae9e08669812e47cc32699285c617981b1f106d617db308aff60b4da109eb1c35639a89e3e3b4d5d66d568106a5f529639bc98
-
SSDEEP
24576:T4pCbcwQbbC+/bb2GRrILR4IKz/L5uqju6u/kKxmgMfBvOoUSd3GdrwSRHIp:UpAnhalMRLKLhjtu/3xm3GzSdWdVHG
Static task
static1
Behavioral task
behavioral1
Sample
532e97e0ff4498854440784c6e7bcb8ed84ca654fb4acf893e8255b8a8c37911.exe
Resource
win7-20230621-en
Malware Config
Extracted
rustybuer
https://serevalutinoffice.com/
Targets
-
-
Target
532e97e0ff4498854440784c6e7bcb8ed84ca654fb4acf893e8255b8a8c37911
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Suspicious use of SetThreadContext
-