General
Target
Polar-Sniffer-main.zip
Size
13.4MB
Sample
240528-tgd2labb4t
MD5
40d35be09487257aa9615ab90a5be417
SHA1
7d8b374e58c06f515a89b875f1ed8d448f46a474
SHA256
478b1bf95029cfae44ecb43ebd3fc08e93599076910da1978324a23a0b3b4f50
SHA512
bd1a4d4ad87cd6f9e4aa41a1b229bd877f92010bb789c9a7ab046dd98a41c48b70b9e0d0b2a96d248bce385c83bfa373f2993c56eb7aa175aabecf52ea073921
SSDEEP
393216:pmKF4aF7XMj5G0dNjCuGCmAcjHo7Keh8Oj+GfYf8RQcTo+D:rF4aF7XM9GyjC5CyHo7nh0f8RQcs+D
Behavioral task
behavioral1
Sample
Polar-Sniffer-main/install prerequisites.bat
Resource
win11-20240508-en
Behavioral task
behavioral2
Sample
Polar-Sniffer-main/polarsniffer.exe
Resource
win11-20240426-en
Malware Config
Targets
Target
Polar-Sniffer-main/install prerequisites.bat
Size
65B
MD5
2a9672c12b5fac0657f9ef15146392f1
SHA1
e94c72ffa5c60881126e27b69f0625298bc5fa58
SHA256
9fa37a13e3749ce641e918cbc220ac978dc2954e125a2de9a40db077fa8ec361
SHA512
89b8a24d07cdd3c68c677ad708b51c8c09dd5faa0936d0dee31867697054647babf65540e8ebeee379db40093d36dba350b559fac1f2106226f9422b6c2d1962
Score 1/10
Target
Polar-Sniffer-main/polarsniffer.exe
Size
13.6MB
MD5
857edb9d3eed9b094bf5be89b7743ae4
SHA1
88bd467ea89b3a89847d8af0990dacd0da7393e5
SHA256
f2c888faa76e863cbe7ecb932d25a4e23c672892ef30b55d65b84499a4a819fe
SHA512
a3c540c1023006a962564864845be7e5ed04b7596e12c99d4c31e87bca0083522eb9ae61cfd28376967dbdf8a8ebf717ae8a6ca51a2b3dff58d6bea9efb5ed84
SSDEEP
393216:Tx00vW+eGQRIMTozGxu8C0ibfEau5qW80hoA/gJq6fwk5gRfE:Tx00vW+e5R5oztZ0x5qW80h2Zfwk5g9E
Score 8/10
Downloads MZ/PE file
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.