General
-
Target
29770e57e49958333a04bc604f558bd4ff3f1edcf771eac41a09763f1c03efce
-
Size
1.8MB
-
Sample
240407-yb5pksch49
-
MD5
d45587fe561c93528664fe0dcaae59f8
-
SHA1
500e89b875f50ddc1b03ca03c985abdfb33044f2
-
SHA256
29770e57e49958333a04bc604f558bd4ff3f1edcf771eac41a09763f1c03efce
-
SHA512
a3d65280f0142a3326a95e54fef22f8ca8ffc645192dd7f40f1fa0794682df1ce01a36560ab3764eddc964d3ee61b2d2791e2a031964a5c0bd6372dc00131915
-
SSDEEP
49152:+L7zWlFx6+AQ3TZY6BmLEeAbtp0HlDifi:+bIFx6+AQDFBMEfp0HlDR
Behavioral task
behavioral1
Sample
29770e57e49958333a04bc604f558bd4ff3f1edcf771eac41a09763f1c03efce.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
29770e57e49958333a04bc604f558bd4ff3f1edcf771eac41a09763f1c03efce.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
29770e57e49958333a04bc604f558bd4ff3f1edcf771eac41a09763f1c03efce
-
Score
9/10
-
Detects executables containing possible sandbox analysis VM usernames
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-