General
-
Target
02137479d0e2409c0e62147883a31de1.exe
-
Size
119KB
-
Sample
240106-zsd4mahef2
-
MD5
02137479d0e2409c0e62147883a31de1
-
SHA1
06b2da2df5b338f0fab4f0c11c1a300eccb45674
-
SHA256
fad42fa124d7ad60f3e84572e3c1efbcdf421ddc51de9d47d5ba0252444bd4cd
-
SHA512
a1e8567144bb0db76490f086d41008639c3f13fc76f6e3149fe6a2b366c9029264dcb63f01e40ae10722eb7a1712af8d4a8fb4a5ef4bec7dc7e68a39c629c109
-
SSDEEP
3072:SOjWuyt0ZsqsXOKofHfHTXQLzgvnzHPowYbvrjD/L7QPbg/Dr0T3rnXLHf7zjPPh:SIs9OKofHfHTXQLzgvnzHPowYbvrjD/E
Malware Config
Targets
-
-
Target
02137479d0e2409c0e62147883a31de1.exe
-
Size
119KB
-
MD5
02137479d0e2409c0e62147883a31de1
-
SHA1
06b2da2df5b338f0fab4f0c11c1a300eccb45674
-
SHA256
fad42fa124d7ad60f3e84572e3c1efbcdf421ddc51de9d47d5ba0252444bd4cd
-
SHA512
a1e8567144bb0db76490f086d41008639c3f13fc76f6e3149fe6a2b366c9029264dcb63f01e40ae10722eb7a1712af8d4a8fb4a5ef4bec7dc7e68a39c629c109
-
SSDEEP
3072:SOjWuyt0ZsqsXOKofHfHTXQLzgvnzHPowYbvrjD/L7QPbg/Dr0T3rnXLHf7zjPPh:SIs9OKofHfHTXQLzgvnzHPowYbvrjD/E
Score7/10-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Drops file in System32 directory
-