General
-
Target
41b96510b9e915bf2491c70b8e56231f6f1e312f49e1e31b77689d2d93f5ba41
-
Size
129KB
-
Sample
240407-y729bsdf3y
-
MD5
309b63511c73e10f49776744df69b778
-
SHA1
759f40e0a7414bcc2af23dcee62665b7f2bc34cf
-
SHA256
41b96510b9e915bf2491c70b8e56231f6f1e312f49e1e31b77689d2d93f5ba41
-
SHA512
4b1f088e27955b311ad590f2ec430b3d3097e0aa4fb60445bb9ab423586dd87f32ec95fafad903e362748b534fb199409f52e1bee116c91c5df4b3db8d0dcb34
-
SSDEEP
1536:t1RVCaKgzbLc54hukfgvYnouy8X5apRcfcDmJETuaUlndB9bz7/Ur4J/Qq:t/jbLl/gvQoutImkDmJLrldBdzbU0BQq
Behavioral task
behavioral1
Sample
41b96510b9e915bf2491c70b8e56231f6f1e312f49e1e31b77689d2d93f5ba41.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
41b96510b9e915bf2491c70b8e56231f6f1e312f49e1e31b77689d2d93f5ba41.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
41b96510b9e915bf2491c70b8e56231f6f1e312f49e1e31b77689d2d93f5ba41
-
Score
9/10
-
Detects executables containing possible sandbox analysis VM usernames
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-