General
-
Target
93b4fb0ee3e0891dd597d3836e0a9e6bd460fe9afaff442dfedcc6bd32a0e75c
-
Size
159KB
-
Sample
240407-3hav1ahh95
-
MD5
6316a56c2b07baca57916f5af63e2549
-
SHA1
589ef643e6a00bc9319e868e4022a9cc126d60fb
-
SHA256
93b4fb0ee3e0891dd597d3836e0a9e6bd460fe9afaff442dfedcc6bd32a0e75c
-
SHA512
b4e4a921365aa4982483f7d489adfcf9f98c5b8860374d77fccf6750335155689de7edcb6a3820349d9937872bba2d446742e409f95083bce5082bfadc3d6727
-
SSDEEP
3072:t/jbLl/gvQoutJoOoGh7S5IBm7PYQ5wFB9b0tlp+wGdpoWp1+Nr6:VjluQoSJKGjEPYQ5wFnIrp+wGdiS1+Ne
Behavioral task
behavioral1
Sample
93b4fb0ee3e0891dd597d3836e0a9e6bd460fe9afaff442dfedcc6bd32a0e75c.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
93b4fb0ee3e0891dd597d3836e0a9e6bd460fe9afaff442dfedcc6bd32a0e75c.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
93b4fb0ee3e0891dd597d3836e0a9e6bd460fe9afaff442dfedcc6bd32a0e75c
-
Score
9/10
-
Detects executables containing possible sandbox analysis VM usernames
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-