General
-
Target
Project_1650464.msi
-
Size
1.8MB
-
Sample
230726-q34mlacc72
-
MD5
247a8cc39384e93d258360a11381000f
-
SHA1
23893f035f8564dfea5030b9fdd54120d96072bb
-
SHA256
6e068b9dcd8df03fd6456faeb4293c036b91a130a18f86a945c8964a576c1c70
-
SHA512
336eca9569c0072e92ce16743f47ba9d6be06390a196f8e81654d6a42642ff5c99e423bfed00a8396bb0b037d5b54df8c3bde53757646e7e1a204f3be271c998
-
SSDEEP
24576:ftncpVGP4I9FsEsyt8l+E+s1tB7parWM0+AL5QgZQvUXtAqlU0ZyMRp:epUP59FBJZEH1X1arF0vN/nX
Malware Config
Targets
-
-
Target
Project_1650464.msi
-
Size
1.8MB
-
MD5
247a8cc39384e93d258360a11381000f
-
SHA1
23893f035f8564dfea5030b9fdd54120d96072bb
-
SHA256
6e068b9dcd8df03fd6456faeb4293c036b91a130a18f86a945c8964a576c1c70
-
SHA512
336eca9569c0072e92ce16743f47ba9d6be06390a196f8e81654d6a42642ff5c99e423bfed00a8396bb0b037d5b54df8c3bde53757646e7e1a204f3be271c998
-
SSDEEP
24576:ftncpVGP4I9FsEsyt8l+E+s1tB7parWM0+AL5QgZQvUXtAqlU0ZyMRp:epUP59FBJZEH1X1arF0vN/nX
Score10/10-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies file permissions
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-