General
-
Target
test.exe
-
Size
19.8MB
-
Sample
240221-sgywbshf5z
-
MD5
4e0f670ccbd30c1a8f5dcffacdbb55fd
-
SHA1
b2ff0e34248dad50a4fa3bd9c00c13225bea38db
-
SHA256
6663dd5018e20c9b6e2040a7a305ffa44fe3992b5d54f3a0703b3f79da0997f9
-
SHA512
1734634192a2cda3ad6d12a201db2ee0765d35c9c3db5acab51d989a9b78cb61b97239ae1dcba0abb0dad6e60532047c5a52a8dfffff0588b839d931c8afba46
-
SSDEEP
393216:k2D9wW+eGQRj6QtSX8IneRMVMTozGxu8C0ibfz6eIau5qW80hoA/g7xUZkX8Wjoy:xD9wW+e5RrtYXeRDoztZ026eW5qW80hM
Behavioral task
behavioral1
Sample
test.exe
Resource
win11-20240221-en
Behavioral task
behavioral2
Sample
test.pyc
Resource
win11-20240221-en
Malware Config
Targets
-
Target
test.exe
-
Score
7/10
-
Loads dropped DLL
-
Target
test.pyc
-
Size
5KB
-
MD5
6bfa9882c3fe0a099e3507b21528c82e
-
SHA1
4e37dba7ba43113d35cfbeffa05b49ee2b033468
-
SHA256
94fc6ea318ee7cf750a44af7e7f61f6944e0f6cb4956a89f41ebaaf3e708778f
-
SHA512
a25393669ae62bc8b13b5ddc3beae9a067d0e30647066447e761e9a45974abcf67a9981f0ea691aaa80b920489a990d4eb05aa560a6c44c269ad029effff4ade
-
SSDEEP
96:YcNgwShgK494p+qQbCv+28VUVajrs/QTSn/I2+JV+Q:YgjShgxqQQG6ajrs4m/IgQ
Score
8/10
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Registers COM server for autorun
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-