General
-
Target
2ee5b6ef052ef91e4270fd880574a49a87eed7a65a4a121429d29279622f242a
-
Size
1.2MB
-
Sample
240407-yjsd8adb94
-
MD5
c9979e39159556ffec9ba9ff4a3d4d99
-
SHA1
89b6a14042347d644a9be9e797bcab9447ef6e26
-
SHA256
2ee5b6ef052ef91e4270fd880574a49a87eed7a65a4a121429d29279622f242a
-
SHA512
f0720792ef2d6e4e0a74f250e7dc1d775b10cb6ed50dde34d81c187fc41cf3956bc16a57f0fc683de77ee3c054c1c6e631bfb42b33e180af2be7158f3baf41ac
-
SSDEEP
24576:Yie0GEYrPayzos4xvQJ7UA6vkS8PwdQ+mf7WwLzchW6:xrYriyz0GJwAXH4dQVDBwN
Behavioral task
behavioral1
Sample
2ee5b6ef052ef91e4270fd880574a49a87eed7a65a4a121429d29279622f242a.exe
Resource
win7-20240319-en
Behavioral task
behavioral2
Sample
2ee5b6ef052ef91e4270fd880574a49a87eed7a65a4a121429d29279622f242a.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2ee5b6ef052ef91e4270fd880574a49a87eed7a65a4a121429d29279622f242a
-
Score
9/10
-
Detects executables containing possible sandbox analysis VM usernames
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-