General
-
Target
0f52c8cc0193a8b172bdbdbe9ce7c475f8e9bae09d4d00aa7ce02ca9236258a5
-
Size
1.5MB
-
Sample
240403-xbvnyahf52
-
MD5
1e48a386bb362a574803573f08a4e346
-
SHA1
0fd8352f5d9e64c5c5d80cccdb172ffb5ab6131e
-
SHA256
0f52c8cc0193a8b172bdbdbe9ce7c475f8e9bae09d4d00aa7ce02ca9236258a5
-
SHA512
175ff4f29468d102aeed8c2820a4cfc98ac03594274a21088ef61b8f38453ee121c7d5db61e83f9d201cff69eab5e3a0185d1138b4aa69805ca29bd56980f8e2
-
SSDEEP
24576:YiW95yjJ5C4DVaSJursBuTnNklDE7wNnqpAWExnQVpZzGTeGfHB/rMw+ueZF7BJf:xWPcjNnJChYQ7InKPQnQVfCTlfB/r2uK
Behavioral task
behavioral1
Sample
0f52c8cc0193a8b172bdbdbe9ce7c475f8e9bae09d4d00aa7ce02ca9236258a5.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
0f52c8cc0193a8b172bdbdbe9ce7c475f8e9bae09d4d00aa7ce02ca9236258a5.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
0f52c8cc0193a8b172bdbdbe9ce7c475f8e9bae09d4d00aa7ce02ca9236258a5
-
Size
1.5MB
-
MD5
1e48a386bb362a574803573f08a4e346
-
SHA1
0fd8352f5d9e64c5c5d80cccdb172ffb5ab6131e
-
SHA256
0f52c8cc0193a8b172bdbdbe9ce7c475f8e9bae09d4d00aa7ce02ca9236258a5
-
SHA512
175ff4f29468d102aeed8c2820a4cfc98ac03594274a21088ef61b8f38453ee121c7d5db61e83f9d201cff69eab5e3a0185d1138b4aa69805ca29bd56980f8e2
-
SSDEEP
24576:YiW95yjJ5C4DVaSJursBuTnNklDE7wNnqpAWExnQVpZzGTeGfHB/rMw+ueZF7BJf:xWPcjNnJChYQ7InKPQnQVfCTlfB/r2uK
Score9/10-
Detects executables containing possible sandbox analysis VM usernames
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-