General
-
Target
3CXDesktopApp-18.13.949.msi
-
Size
107.4MB
-
Sample
230808-shf2xadc62
-
MD5
064ef107bb3e2076538b71b89ed87738
-
SHA1
6302a3370323a74fc5a2f52a55e5a099806c1e52
-
SHA256
218821bc5ff7cd79a77e60f2ff076eb3930e4b059c3a17566a0fedc4c42a5dda
-
SHA512
7dc56cedd3475f86439a1ea0146631a70890863a5b699e95f20bcbb80553653939947e8eec8887f672131ad5e8db9661671f916cab2a0a95fe8fb8a517f517b5
-
SSDEEP
1572864:cK5Cf0SnT8TXBwkBnaoeO8mvP8I6DPMwd0RUXOSDuBjCFYAR5awXnGIRc:cK5G0ST8H9adWyDrGi6jCF7R5agGI
Static task
static1
Behavioral task
behavioral1
Sample
3CXDesktopApp-18.13.949.msi
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
3CXDesktopApp-18.13.949.msi
Resource
win10v2004-20230703-en
Malware Config
Targets
-
Target
3CXDesktopApp-18.13.949.msi
-
Score
8/10
-
Blocklisted process makes network request
-
Executes dropped EXE
-
Loads dropped DLL
-
Registers COM server for autorun
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-