General
Target: Trojan.Win32.Reconyc.fxms-26116658f87b8a84ae436646f34b9832bbf7060842ac960232d87049549581d4
Size: 487KB
Sample: 240229-nt85lsfh2t
MD5: 09de445a668cfcd6c169dcb30fa5b062
SHA1: 41fc93404b81fae800dce63965eebad4b53bcc33
SHA256: 26116658f87b8a84ae436646f34b9832bbf7060842ac960232d87049549581d4
SHA512: 8c0d8fdea5259052f2b8f19369da572c6f3d14c40c14bb261e9cfd6a2cd5c78474fde789cfb4c3eaffdd60a041819a0c67b1e29d2f79656bc71a637cca516837
SSDEEP: 6144:yiNjjdOCJnUNKMEPDGeoo1HyisWW4g0QTxbGctE6Jm20tdVgWwAidpNCgrBF:TjjwULQoN84XQT08JoVgWwAkAQ
Static task: static1
Behavioral task: behavioral1
  Sample: Trojan.Win32.Reconyc.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: Trojan.Win32.Reconyc.exe
  Resource: win10v2004-20240226-en
Malware Config
Targets
Score: 9/10
Detects executables packed with ASPack
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
Drops file in System32 directory