General
-
Target
fa39abe3a2f03072aaec17d78f19bd77717fff9e5d157fc984ce1eec9d487a58
-
Size
1.4MB
-
Sample
231012-p8fmaaah8w
-
MD5
91be6407e1e53df97e36f6c01bf24f5f
-
SHA1
97cc010afef380ccce89d5080f7311a5b5f2a20d
-
SHA256
fa39abe3a2f03072aaec17d78f19bd77717fff9e5d157fc984ce1eec9d487a58
-
SHA512
0e434e5cf11f286790df78105973e000c13e721447ddeaaab6957c8a29e9d4052013de7be317de8ad0500383b89963556e8916e0bb3a854d52c44587dfc3f28e
-
SSDEEP
24576:y8KjKjGFygcc23L1/NVOmOSGb6E3ecS4fzrjxJh9UZXlpbPvC7xtYUrEmFlo+L6L:rKjKWQc2b1FVgbjrjxPe1pbPSQm1Flo7
Static task
static1
Behavioral task
behavioral1
Sample
fa39abe3a2f03072aaec17d78f19bd77717fff9e5d157fc984ce1eec9d487a58.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
fa39abe3a2f03072aaec17d78f19bd77717fff9e5d157fc984ce1eec9d487a58.exe
Resource
win10v2004-20230915-en
Malware Config
Targets
-
-
Target
fa39abe3a2f03072aaec17d78f19bd77717fff9e5d157fc984ce1eec9d487a58
-
Score
8/10
-
Downloads MZ/PE file
-
Modifies AppInit DLL entries
-
Sets file execution options in registry
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Registers COM server for autorun
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-