General
-
Target
0324576256a4ffef9466ef75eb4b43223a5c638c25e48e80cbfbd49d375befa8.zip
-
Size
16.8MB
-
Sample
240523-bdn4aafh67
-
MD5
e6e16731900398c0ec5032133b0cf714
-
SHA1
a4b26d5cde303b48dc9d0e5a538c79cce89e2a7c
-
SHA256
0324576256a4ffef9466ef75eb4b43223a5c638c25e48e80cbfbd49d375befa8
-
SHA512
736b925f5aa5f387dc938cffb1ebb29c85b24a4d694067e107177f11fb01f8c6d571ad1fcc80a181b23d6443464bb3d9f1d1bb1798bc65dd97021b8346130433
-
SSDEEP
393216:Dhn8dUnkv8NrJL3uu4X9W+5Hb9VQKMPGXPf:SeHJL3uxtWWHbgKZXn
Static task
static1
Behavioral task
behavioral1
Sample
factboletaeletricge.msi
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
factboletaeletricge.msi
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
factboletaeletricge.msi
-
Size
18.7MB
-
MD5
4cbfb798bb6076378fc96c9c4b1a80fc
-
SHA1
5fadac688f773244af547411b22d44d757c4c829
-
SHA256
0f962b19b3405722d618ca44beea3240f8c809723b9f7735828db59d061fcd42
-
SHA512
55a254aa2b30604bf66d7f2feeecd395c8624b4b9892898f7e9689e85ec4772c386989d91b72cb681ab614e59f2174ae705fd39ae892cb10f431d9f67aa3b15f
-
SSDEEP
393216:ZavYmPEVSlMJHe3qS4Lt0aXQ5VFVxdPqsvV34kX:gNcLe3qFZ0mQdd9VIkX
Score9/10-
UPX dump on OEP (original entry point)
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Blocklisted process makes network request
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-