General
-
Target
Kerio-Vpnlike-32Bit.exe
-
Size
9.6MB
-
Sample
231012-mmwp9sdd61
-
MD5
7f4f3492feef2acde222975aa6006f99
-
SHA1
24e4bc0d49b3b89b4910778d6642052e80ca32ec
-
SHA256
5a1dc565eea53fe57433dd5e76e093ab20e67cccd0d9fc2ba7a71d2a8f896bb9
-
SHA512
3e98da1f0654a916dee493c9aacdb293f562f7a7adc18b07662fb4267cb2deb953d9abde608cc9041bf9bd062fd330cc116f0e1910fc298e932bbf71b82b3621
-
SSDEEP
196608:Mlq+1NKOV3HbOVYt3wHpe0t/jev/cXeEzi7DQPjJf9s:Y7Hd3UeM7e8XeM8UPNfi
Static task
static1
Behavioral task
behavioral1
Sample
Kerio-Vpnlike-32Bit.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
Kerio-Vpnlike-32Bit.exe
Resource
win10v2004-20230915-en
Malware Config
Targets
-
-
Target
Kerio-Vpnlike-32Bit.exe
-
Score
6/10
-
Blocklisted process makes network request
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-