General
-
Target
2ab925e1b611041799e0eb3e123ff2c6
-
Size
3.8MB
-
Sample
231231-gkp7tahfgk
-
MD5
2ab925e1b611041799e0eb3e123ff2c6
-
SHA1
24828bee2c9f911a62dd07d085059436fcda7866
-
SHA256
105137f7201a737456f865513fbf14e64ac16facad90b4cb6c314ac765ea302f
-
SHA512
573e951cc2bb591c8529a70ba84a9e2c535c4d8e31b04bc31e7d81795e2ad404241b910344127535f616c5415c271a8166cbfc455df2a4e018110f568ef052b8
-
SSDEEP
98304:pqFbd9jWsKXaLj33cbC7p68b0GDaCoPTEt0NcQGojg:wFbd9jWPAjMbIbVDMTEtOclB
Static task
static1
Behavioral task
behavioral1
Sample
2ab925e1b611041799e0eb3e123ff2c6.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
2ab925e1b611041799e0eb3e123ff2c6.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
2ab925e1b611041799e0eb3e123ff2c6
-
Checks for common network interception software
Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-