General
- Target: 0362587c5b0ad8a967a949ab05b35799
- Size: 3.9MB
- Sample: 231224-sn9amsfab3
- MD5: 0362587c5b0ad8a967a949ab05b35799
- SHA1: 8fd8f85e6897cf25c7df18a0458dc9d1ed2214e5
- SHA256: 131b63a1b1aa05eb59bc7909b8a5fa932c4b64dd99621b1ff0d6aae6d613a070
- SHA512: 95cd6bdd3d74526b7bc5d8589d1c2a5bd2551f885911a186a01b828c46bb3c5cb8110a0c5b9321775eff6a23110a18e0d0b133e1ae8598190994aa47a6504293
- SSDEEP: 49152:G9XOwH84bt1OJsWcHWFksjSkoKE7xdLawsrxic7o30w6CNSA8r3yGTtMl06HNLh8:QX1H8xJsWcKWNBsZMkvGQiGBMdq
Static task: static1
Behavioral task: behavioral1
- Sample: 0362587c5b0ad8a967a949ab05b35799.exe
- Resource: win7-20231215-en
Malware Config
Targets
- Checks for common network interception software
  Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.