General
-
Target
4ebabf882222318dec9aa949c4a468b0828c1ad31e9177b05504bcf89be4ab4b
-
Size
1.1MB
-
Sample
240407-zrtspaec6v
-
MD5
96685ba2970acc1fb84e35f3a964216b
-
SHA1
987918a32ded6d9bace186b662db5a1860d14bc9
-
SHA256
4ebabf882222318dec9aa949c4a468b0828c1ad31e9177b05504bcf89be4ab4b
-
SHA512
bd7927965bbb60b0bd7584a2eed5980c937fa5e0a8d538fd822cd8157feaedb7f509ca582c99f84259b1b02617d6daea1ad14857c3d45e269cf3e9ffc088c27a
-
SSDEEP
24576:A8wsvmP9dlC4Ket6IR/ngmmL6qmIyXSAH5MLS6/zbIS+XI:A3dU4KTIJgmnIyX3MLz/zblx
Behavioral task
behavioral1
Sample
4ebabf882222318dec9aa949c4a468b0828c1ad31e9177b05504bcf89be4ab4b.exe
Resource
win7-20240319-en
Behavioral task
behavioral2
Sample
4ebabf882222318dec9aa949c4a468b0828c1ad31e9177b05504bcf89be4ab4b.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
Score
9/10
-
Detects executables containing possible sandbox analysis VM usernames
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-