General
-
Target
1cc32313ee2cd2bada1b6345a87e17780dcb3e3129727693a229e644450727c5
-
Size
1.7MB
-
Sample
240407-xtbc1sbg8x
-
MD5
e4bf0ffb4909f27af806424b59283a1a
-
SHA1
4f96d9d2cf71f63d60e09a6c0a4469eeafef3664
-
SHA256
1cc32313ee2cd2bada1b6345a87e17780dcb3e3129727693a229e644450727c5
-
SHA512
552bff9516d0816866e246cc40658a3b7ee361af85084d57913108f43a92ff0f8d33cd090482f8763251e16f405f8e52b1b3f14d0834339f4bd9283d0a936a81
-
SSDEEP
24576:V/UoQxYCdY0DUbl/fK8bNOAcDj+gs4DCZrSZuBcA80BSEFsZfu0LSTasrhuzbUrM:OXJXQ/DbNOvBZYUp+TaieuN2/M0p99NP
Behavioral task
behavioral1
Sample
1cc32313ee2cd2bada1b6345a87e17780dcb3e3129727693a229e644450727c5.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
1cc32313ee2cd2bada1b6345a87e17780dcb3e3129727693a229e644450727c5.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
Target
1cc32313ee2cd2bada1b6345a87e17780dcb3e3129727693a229e644450727c5
-
Score
9/10
-
Detects executables containing possible sandbox analysis VM usernames
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-