General
-
Target
111f2460f952d442fb0cfb45f57f842f
-
Size
182KB
-
Sample
231230-g93jfafaf4
-
MD5
111f2460f952d442fb0cfb45f57f842f
-
SHA1
d2f87aab6fc2d98e5d6e77dbca7c944a2e260fba
-
SHA256
0ff2f125f3dda046fbe353be2099b241c065cbd191ad43930620e6209160b44b
-
SHA512
8d7003eee4bf914950a1e8e1958bdf533af77ba7fb511472c5b5eefc2a4c74e658a3e4d7a21fc8eee4d28e28438f070f425de104408f7abc3a9136ede4c29af8
-
SSDEEP
3072:Td4vWAO+fYOR+w7lDqWZiR6x49e8pNRt4fVNh934nbFrVrD8IoltQfME:TXAO477lDq6iRygpNRGVHmnbFrlD+v2v
Behavioral task
behavioral1
Sample
111f2460f952d442fb0cfb45f57f842f.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
111f2460f952d442fb0cfb45f57f842f.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
111f2460f952d442fb0cfb45f57f842f
-
Size
182KB
-
MD5
111f2460f952d442fb0cfb45f57f842f
-
SHA1
d2f87aab6fc2d98e5d6e77dbca7c944a2e260fba
-
SHA256
0ff2f125f3dda046fbe353be2099b241c065cbd191ad43930620e6209160b44b
-
SHA512
8d7003eee4bf914950a1e8e1958bdf533af77ba7fb511472c5b5eefc2a4c74e658a3e4d7a21fc8eee4d28e28438f070f425de104408f7abc3a9136ede4c29af8
-
SSDEEP
3072:Td4vWAO+fYOR+w7lDqWZiR6x49e8pNRt4fVNh934nbFrVrD8IoltQfME:TXAO477lDq6iRygpNRGVHmnbFrlD+v2v
Score7/10-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Suspicious use of SetThreadContext
-