General
-
Target
cbe8fec0b9520357931bb48a0f9aa130fe193ea2ea76f1037c50f1f25ae812c2
-
Size
426KB
-
Sample
240419-dkd8rseh76
-
MD5
cb15e77f79170012a3d22cbad31681d3
-
SHA1
c2fe65867f5dee9cd65b6f4c634b61086ed3d178
-
SHA256
cbe8fec0b9520357931bb48a0f9aa130fe193ea2ea76f1037c50f1f25ae812c2
-
SHA512
b4575c7e317211af96c811337204b8c6e77d24d56965cb57fabe9a45c3789a26a40bc12f685ac764de1e412a67dc0061b7cf47ab2a342e92eb662db02fe164db
-
SSDEEP
12288:thmnrO7neOWktVU3J8LFpB0GMAzi/i9UBzgSID6mMYdYj2rvGAgR7iHkG5nCMyCB:tcCeNkfEbGMT/i6zg3D6mMY+qeAk7MkO
Static task
static1
Behavioral task
behavioral1
Sample
cbe8fec0b9520357931bb48a0f9aa130fe193ea2ea76f1037c50f1f25ae812c2.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
cbe8fec0b9520357931bb48a0f9aa130fe193ea2ea76f1037c50f1f25ae812c2.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
cbe8fec0b9520357931bb48a0f9aa130fe193ea2ea76f1037c50f1f25ae812c2
-
Score
9/10
-
Detects executables (downloaders) containing URLs to raw contents of a paste
-
Detects executables referencing many IR and analysis tools
-
Modifies Installed Components in the registry
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Legitimate hosting services abused for malware hosting/C2
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-