General
-
Target
28b93de022f4184f133849c52de66a0ab70aafb1621ed7b972f9a4de137d2508
-
Size
746KB
-
Sample
240403-ybgmraba33
-
MD5
07c712ab97ad0964d38f7e5df61323fb
-
SHA1
45809721c09f435ed4c1303847d3d9db0b29d449
-
SHA256
28b93de022f4184f133849c52de66a0ab70aafb1621ed7b972f9a4de137d2508
-
SHA512
6c1dfc2cd6bd69aea46d028cca7a1a51b56fbee6571692b502a598f57989fb1aa92d0873014c329303b0febfa389b8e3c9f05ecc56b863f3a4418527d9bf7d03
-
SSDEEP
12288:A8EQoSM8rMmLF9yn08KYGhxvXZlqeZML3GeliG/FeLjee/ywi4i0ntV4DAOmMvpY:A8bMmLFAgY0xvpsnbRiG/Qee/ytBATM6
Behavioral task
behavioral1
Sample
28b93de022f4184f133849c52de66a0ab70aafb1621ed7b972f9a4de137d2508.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
28b93de022f4184f133849c52de66a0ab70aafb1621ed7b972f9a4de137d2508.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
28b93de022f4184f133849c52de66a0ab70aafb1621ed7b972f9a4de137d2508
Score
9/10
-
Detects executables containing possible sandbox analysis VM usernames
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-