General
-
Target
13773976274.zip
-
Size
1.4MB
-
Sample
231221-mbst8sgegj
-
MD5
b3e2307be7797bc5668fce5cf9a486fb
-
SHA1
5138d4b12e921b5bda527a9debbbf6e122ee3722
-
SHA256
eb6e09a045333d352be7ba08268751b7d012623b4f3d5ba27f5ad3634ba3804d
-
SHA512
6dad564d3a4eb35aa70ef0f981294f130789a95169cbef85fe336cfc7f55ff2c19b5b3d16f929e26f5b6b2b4385393892224af2f8c493a7762775b634a9c8fae
-
SSDEEP
24576:qDpWYgQrtpPReFVSPDH/2rqB/YdO0wHC7WRyT3OnPdHWd8047npg7s/I:QpXgQB/eFV4DH/2+B/4wHC4uSHBS7s/I
Static task
static1
Behavioral task
behavioral1
Sample
8c44b52b3db1af62152ca2ec939477e65d85041b800e925258d82e9e9c52b81a.msi
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
8c44b52b3db1af62152ca2ec939477e65d85041b800e925258d82e9e9c52b81a.msi
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
8c44b52b3db1af62152ca2ec939477e65d85041b800e925258d82e9e9c52b81a
-
Size
1.7MB
-
MD5
18352c4a2a2b6c1782fbe385ce306b09
-
SHA1
83795235962d2f3d83ad0c06a7ff5a240ecdd115
-
SHA256
8c44b52b3db1af62152ca2ec939477e65d85041b800e925258d82e9e9c52b81a
-
SHA512
337ed56c4889cb025501c4709c6a7e16db591a2103db6cb744c2538564bc422c40df33540ad9b3fedee8700426558fb0889b86f2524089cd1e586bc499a436e3
-
SSDEEP
24576:X+FYqowvitLVaoAeAKKdIAm9Fx8gPwCH/lwQk5uv5f01d63kH3b/d2/rMeSx7cTl:X+FYqNitLVaoAeAXCSQkoxs1dfxQMH
Score
7/10
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Blocklisted process makes network request
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-