General
-
Target
EvolveClientSetup.zip
-
Size
18.3MB
-
Sample
230919-hzkfjshe77
-
MD5
78bd4e275654130402a8c29771f43ff6
-
SHA1
0541d42b8442585291dcb8157cb6f2cef01a94cc
-
SHA256
75c7301f68dc1b27ceb6831abd85d0a14f663968e8f81f69372dece58f6558be
-
SHA512
37e692e26b248b4d12c2a55910703b022412d7e0173d5901e67a640f44017061ba37f0582ab4ec85f80fed8eaea0ec44172cc1a24325bbe00a59b65dc7d6514e
-
SSDEEP
393216:vpCoY4McQjI+gfC6cCRG2BoOck2NmdYsriALBsDyZqDDx1wsDOyLDxO913T1Xt6+:1icYIjvRG2BoOR2N6piiLIDDVDafCY20
Static task
static1
Behavioral task
behavioral1
Sample
Setup_QandA.exe
Resource
win10v2004-20230915-en
Malware Config
Targets
-
-
Target
Setup_QandA.exe
-
Size
19.9MB
-
MD5
351890c1d8c26ec5fe349f748255a8e6
-
SHA1
031778efd659bf51b8ce6ea47478ce831c998ca9
-
SHA256
4b44999b447d328624683aa2fffb48c2c0bb78a21d2e22f75f8a240ef1815cf4
-
SHA512
e8c414baf63a979bf0e1ea2ac14f85568d097f74433ad678662e6bc9c0bc68a22c175a35d0c827cb5c96e735d544d2f65fec095eccabff4753e077fbfc498ede
-
SSDEEP
393216:/bVDe0GoxY20OFRe0ZLAZ/X253NwhcMz+NYBcnRb3g6rp8xdOVsDu8BBnYJGBYO/:/bVDe0G6YsFRe0ZLe/XW3NwcMy8cRbQ7
Score
8/10
-
Downloads MZ/PE file
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops file in System32 directory
-