General
-
Target
2509096d91434af26bfae615bfae80650079c7220bdcb0babd9713ef8a2514d5
-
Size
1.7MB
-
Sample
240428-x55e8sfb45
-
MD5
d058a71049695735805496016365d51a
-
SHA1
e27aeba42a29ce29ab654e462a5450970ee84290
-
SHA256
2509096d91434af26bfae615bfae80650079c7220bdcb0babd9713ef8a2514d5
-
SHA512
eb43325f5b1de7667d5e461294b5eb835960534399bd7267792cc63fbcd104b207dfad86815c8cd8e6dcb7330585fd352ec9cfead131d3d0ff963d0697e7dac2
-
SSDEEP
49152:XEMC7h36RFaLZ1ybswvTIpjtEA9UoMzPjz:XPFaKIpJERzPjz
Behavioral task
behavioral1
Sample
2509096d91434af26bfae615bfae80650079c7220bdcb0babd9713ef8a2514d5.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
2509096d91434af26bfae615bfae80650079c7220bdcb0babd9713ef8a2514d5.exe
Resource
win10v2004-20240419-en
Malware Config
Targets
-
Target
2509096d91434af26bfae615bfae80650079c7220bdcb0babd9713ef8a2514d5
-
Score
9/10
-
Detects executables containing possible sandbox analysis VM usernames
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-