General
-
Target
ea8e4243bdc98f32b87ee4f3cc0f3e596dcbac5287bfec86f3c701e270cb781c
-
Size
268KB
-
Sample
240406-erwbasah48
-
MD5
6b284da731aca61e2210ab58f57cd153
-
SHA1
636f9bd838637e6297874676346e2d81746721de
-
SHA256
ea8e4243bdc98f32b87ee4f3cc0f3e596dcbac5287bfec86f3c701e270cb781c
-
SHA512
636e69dd3939ad375c828afae0aa4a4bbb40c5df716e7bd2917291857a4a924fe394b8cab7b9c8577638cc9a925c2802d09e1fd8924f9c66718ff785f7ccf569
-
SSDEEP
6144:A8jluQoSoIo5R97NELNA8BDgysosdfBupdeNoMn7Vm5W1v6v:A8EQoSM9h8BDr0dpupwoMn7Vkmv6v
Behavioral task
behavioral1
Sample
ea8e4243bdc98f32b87ee4f3cc0f3e596dcbac5287bfec86f3c701e270cb781c.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
ea8e4243bdc98f32b87ee4f3cc0f3e596dcbac5287bfec86f3c701e270cb781c.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
ea8e4243bdc98f32b87ee4f3cc0f3e596dcbac5287bfec86f3c701e270cb781c
-
Score
9/10
-
Detects executables containing possible sandbox analysis VM usernames
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-