General
-
Target
0a8eff6adb55385aca0514565ac83b24078e1e2979b6544d51a3c89d06abadb5
-
Size
1.9MB
-
Sample
240403-w4jayahc99
-
MD5
4e221d041d5ee23892fde0844fd995c7
-
SHA1
44f8ff646a34b9e041f639bb23b21c47aff547d4
-
SHA256
0a8eff6adb55385aca0514565ac83b24078e1e2979b6544d51a3c89d06abadb5
-
SHA512
ff870183dcbc285bd04023a57bd0d25c8fc564d7247960e4da07f86fec3e85051edf6a2993444949f621e60bf1b38474c257a326f3bf81fa9622a5b0fc5427e7
-
SSDEEP
49152:54VWxxha0+QLXFsc9sz/m2k3HKPqcutQA2NADTb:mGIQLidjk31cOQhNADv
Static task
static1
Behavioral task
behavioral1
Sample
0a8eff6adb55385aca0514565ac83b24078e1e2979b6544d51a3c89d06abadb5.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
0a8eff6adb55385aca0514565ac83b24078e1e2979b6544d51a3c89d06abadb5.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
Score
9/10
-
Detects executables containing possible sandbox analysis VM usernames
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-