General
- Target: winwps.msi
- Size: 7.2MB
- Sample: 230629-j7yhtacd75
- MD5: 2ac06906ddfaaf7b8bd026a8a15c5ee0
- SHA1: 295c845ee6cba9fc9de9c1556123768e4d400859
- SHA256: 054e038130f657c86e258ab997b41847adcce19e72cb8118c91e5fae8d7d5162
- SHA512: 599c3eb97ee8bc84a185d3a0ac290c2998d513c998bef6276ffe4e29e2e66eb31455672b16157c4320ce1ed2c2a996d717c9c4d717c206c600581934730a29ee
- SSDEEP: 98304:UirbyiJB8py4vVaBI6/k42Pi2XJe1UrsQF4toMGPV7XyLG6teTTxmEiDr1uQ238o:UiSiIEW4BIcqi7QF4Gdxh6MT1k1uQn
Static task
static1
Malware Config
Targets
- Target: winwps.msi
- Detect Blackmoon payload
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.