General
-
Target
NEAS.cf9461003d7870f4ac0c1714d104b860.exe
-
Size
118KB
-
Sample
231103-r2g8mscg7z
-
MD5
cf9461003d7870f4ac0c1714d104b860
-
SHA1
90549076c16f93390719b9b3489669e5e4261209
-
SHA256
50911e1a23d33eb4a7bc66387585299339d3971f9933c0aa943c06af6daed9da
-
SHA512
116b1c79e0cad9c33a146fa4971b4706b7eb57900b2ac93abdecbdb3d322d35a454f20f301b2b4345cb3005db23dacf3ffd4d9445443c665b138ce3a6b38af7a
-
SSDEEP
3072:vOjWuyt0ZsqsXOKofHfHTXQLzgvnzHPowYbvrjD/L7QPbg/Dr0T3rnXLHf7zjPPb:vIs9OKofHfHTXQLzgvnzHPowYbvrjD/m
Malware Config
Targets
-
-
Target
NEAS.cf9461003d7870f4ac0c1714d104b860.exe
-
Size
118KB
-
MD5
cf9461003d7870f4ac0c1714d104b860
-
SHA1
90549076c16f93390719b9b3489669e5e4261209
-
SHA256
50911e1a23d33eb4a7bc66387585299339d3971f9933c0aa943c06af6daed9da
-
SHA512
116b1c79e0cad9c33a146fa4971b4706b7eb57900b2ac93abdecbdb3d322d35a454f20f301b2b4345cb3005db23dacf3ffd4d9445443c665b138ce3a6b38af7a
-
SSDEEP
3072:vOjWuyt0ZsqsXOKofHfHTXQLzgvnzHPowYbvrjD/L7QPbg/Dr0T3rnXLHf7zjPPb:vIs9OKofHfHTXQLzgvnzHPowYbvrjD/m
Score7/10-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Drops file in System32 directory
-