General
-
Target
a0a7c3aa8853a4b9d4b8668d59e953689e63abf194c22cf3b23aed09d33d1017
-
Size
1.5MB
-
Sample
240407-31yd1saf45
-
MD5
767ec95274b742f797cf74da17d1d807
-
SHA1
5cd377952a9d94097108507ee02fae00c5a71abc
-
SHA256
a0a7c3aa8853a4b9d4b8668d59e953689e63abf194c22cf3b23aed09d33d1017
-
SHA512
c29435a7b984ef666c2e9d07312756f6066862a9e3aa8ba5d362c7b9489a4f32764c3658c35d2632f9242e2474778dda4654b4da4812c891462bfc98e03d611b
-
SSDEEP
24576:lUtT+YQ+jm7fTeWqRC+6P5N/elVKCneZo3r50fgCgbTV+a2oB57hpmwdqR/fqOzW:+sYQaeSWKX6f/elLp3r5Qg5BK/0qO
Behavioral task
behavioral1
Sample
a0a7c3aa8853a4b9d4b8668d59e953689e63abf194c22cf3b23aed09d33d1017.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
a0a7c3aa8853a4b9d4b8668d59e953689e63abf194c22cf3b23aed09d33d1017.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
Target
a0a7c3aa8853a4b9d4b8668d59e953689e63abf194c22cf3b23aed09d33d1017
-
Score
9/10
-
Detects executables containing possible sandbox analysis VM usernames
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-