General
-
Target
0baa84d4b855d23fd66ad50914680bc128b6db7a83485fc813d2737eb86b9031
-
Size
120KB
-
Sample
240428-w57pxsdh75
-
MD5
11459b479c8d64f3b847f9b96372f123
-
SHA1
fff23879432710324eade7f684094579c69add8c
-
SHA256
0baa84d4b855d23fd66ad50914680bc128b6db7a83485fc813d2737eb86b9031
-
SHA512
c7bc0e5f3d5a1a78124ec4918ba92c3f08ff5080173687f41ce2e4fe3673c879b20844d795d1054c5b22d731aca803fc87d0d940aa6c389b6c4b202fee0ee400
-
SSDEEP
3072:aDOkexJLFdrPZ1Tj4mYWR/R4nkPR/1aVuyJsf7tETol33wAx62Nv:aDOxZXPIo5R4nM/40yJc7tl33wS/
Behavioral task
behavioral1
Sample
0baa84d4b855d23fd66ad50914680bc128b6db7a83485fc813d2737eb86b9031.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
0baa84d4b855d23fd66ad50914680bc128b6db7a83485fc813d2737eb86b9031.exe
Resource
win10v2004-20240419-en
Malware Config
Targets
-
-
Target
0baa84d4b855d23fd66ad50914680bc128b6db7a83485fc813d2737eb86b9031
-
Score
9/10
-
Detects executables containing possible sandbox analysis VM usernames
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-