General
Target: 48cfb10b88080f7bc8f30d6390781f0b
Size: 629KB
Sample: 240409-x8ptysfg23
MD5: 48cfb10b88080f7bc8f30d6390781f0b
SHA1: 7cc45fe067b15648dcf58508d540e97b49a408d1
SHA256: a5189a7fc6e08c9a0a833d27e158a67b582ebb842d254c03d5c84186c9f78ea7
SHA512: 8b3b79dbb2524b09f0943ee7b08077f15421bc0e65e532baad88df0ff7657164705fdfc575615cbb05a166be4903ff11eab56f6e237809e2145d9b0104e0a1d3
SSDEEP: 12288:TkozRSDSNunH1kFj/gI12rJ7rxnzGQD0KMX016zfR:wozRS+QVkItXNl12es
Static task
static1
Malware Config
Targets
-
Expiro payload
-
Disables taskbar notifications via registry modification
-
Executes dropped EXE
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-