General
-
Target
20a045c7fd9a0824088decd13c8e62e2a7a31abb8c8b0db975df44837c773c57
-
Size
241KB
-
Sample
240407-xy5sescd59
-
MD5
6448fe2736ea5b54df2c166b9176d12c
-
SHA1
44eb5d789f05d52af1129bf4daac82bdd5aaddbd
-
SHA256
20a045c7fd9a0824088decd13c8e62e2a7a31abb8c8b0db975df44837c773c57
-
SHA512
faa4090d0ff876999197e1917e44a40d5c44e8d1cfac18db7c1f528bb556e07d1a6cb47b135a0cf29c57501b617714f916cb018c191fb90064933f13efd54afe
-
SSDEEP
3072:y9jbLl/gvQoutE1Tj4mYWR/R/M/h8COSFrWQnhBUYhoQSFEV3T2ECCqhzYabk0C8:0jluQoSuIo5RQ8DwrGYc434hz35rPJ
Behavioral task
behavioral1
Sample
20a045c7fd9a0824088decd13c8e62e2a7a31abb8c8b0db975df44837c773c57.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
20a045c7fd9a0824088decd13c8e62e2a7a31abb8c8b0db975df44837c773c57.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
Target
20a045c7fd9a0824088decd13c8e62e2a7a31abb8c8b0db975df44837c773c57
-
Score
9/10
-
Detects executables containing possible sandbox analysis VM usernames
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-