General
-
Target
XcHvYYrNa.exe
-
Size
111KB
-
Sample
240518-b8ehbsee95
-
MD5
98e558eaea97f0b282b42fa6d49070b6
-
SHA1
2e48bb1b50177fe17392ac9407ba9f7e45685a3a
-
SHA256
d50d11636b59a11c81577342de7c72f694c99540311c2c3ffa53126e8cc394f1
-
SHA512
01dcd7a191ef331fe7626f760064e4368cd06c7a30374b74074d6dddf35683b443fb8c0677d1a7bfa88eac81f482dadf6788f343d9958fc9818be749ac7e9882
-
SSDEEP
1536:v+bDH/4gqLM91qQIwBI5xxxxdyyKDWfebhDqI68QWfzCrAZuYPwDr:Wb7/4jLSIFxxj8bxqH8QWfzCrAZuYUr
Behavioral task
behavioral1
Sample
XcHvYYrNa.exe
Resource
win10-20240404-en
Malware Config
Extracted
toxiceye
https://api.telegram.org/bot6444357834:AAGtL3te5_xl4dvacn8BJElHrky5SlLcE_4/sendMessage?chat_id=5563559839
Targets
-
-
Target
XcHvYYrNa.exe
-
Size
111KB
-
MD5
98e558eaea97f0b282b42fa6d49070b6
-
SHA1
2e48bb1b50177fe17392ac9407ba9f7e45685a3a
-
SHA256
d50d11636b59a11c81577342de7c72f694c99540311c2c3ffa53126e8cc394f1
-
SHA512
01dcd7a191ef331fe7626f760064e4368cd06c7a30374b74074d6dddf35683b443fb8c0677d1a7bfa88eac81f482dadf6788f343d9958fc9818be749ac7e9882
-
SSDEEP
1536:v+bDH/4gqLM91qQIwBI5xxxxdyyKDWfebhDqI68QWfzCrAZuYPwDr:Wb7/4jLSIFxxj8bxqH8QWfzCrAZuYUr
-
Executes dropped EXE
-
Drops desktop.ini file(s)
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-