General
-
Target
Peki V4.exe
-
Size
548KB
-
Sample
240425-v6tzsadb85
-
MD5
3d3e8bc1bd5265a4f35da0b594d60fbf
-
SHA1
27ae0bb3399f9178f272258a4a9153d5af6aea56
-
SHA256
2ba3caaba8ddeae1e33ec188c3c4ae322b856b44e0caabeb8909c661c668e6e5
-
SHA512
d41707d765f93b0790887a1351c72584356146c1d02e8fd1009739404d34b329d6abb538e1fd9f28161ed0e229a1259460655232676109f081cc14a0022f2b05
-
SSDEEP
12288:TTPUCQSmbfMcsgJqyE/KWcRTTjyRrh3sb3H:TTPLmrMZ8WcJHyzcrH
Static task
static1
Behavioral task
behavioral1
Sample
Peki V4.exe
Resource
win11-20240412-en
Malware Config
Targets
-
-
Target
Peki V4.exe
-
Size
548KB
-
MD5
3d3e8bc1bd5265a4f35da0b594d60fbf
-
SHA1
27ae0bb3399f9178f272258a4a9153d5af6aea56
-
SHA256
2ba3caaba8ddeae1e33ec188c3c4ae322b856b44e0caabeb8909c661c668e6e5
-
SHA512
d41707d765f93b0790887a1351c72584356146c1d02e8fd1009739404d34b329d6abb538e1fd9f28161ed0e229a1259460655232676109f081cc14a0022f2b05
-
SSDEEP
12288:TTPUCQSmbfMcsgJqyE/KWcRTTjyRrh3sb3H:TTPLmrMZ8WcJHyzcrH
Score10/10-
Nirsoft
-
Modifies Installed Components in the registry
-
Stops running service(s)
-
Executes dropped EXE
-
Drops desktop.ini file(s)
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Legitimate hosting services abused for malware hosting/C2
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
MITRE ATT&CK Matrix ATT&CK v13
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1