General
-
Target
64009500f37feba9f465a025f5050842699f7ca815f9fc258ee9ff63481f6dd9
-
Size
2.1MB
-
Sample
240601-16kzrsge41
-
MD5
0aad2883962b2efc868d379a00285589
-
SHA1
328b66ade60a9d91104ec79d7b76b60733b12dcd
-
SHA256
64009500f37feba9f465a025f5050842699f7ca815f9fc258ee9ff63481f6dd9
-
SHA512
d04dd74a81888920c7318f919cd921d831039bc41f39b4f27039fb190bc9f93ca4ab974a3849b9d3d3530b67576046833bc72cd9bcaed62a2d589f5e83db457a
-
SSDEEP
49152:BemgNSdeuqaTDA9XjlHuBO8L2wM8wke/6SxBimDRLg/MQNCmi:/goYTYmRHuBO9w/eSSSaRiMQxi
Behavioral task
behavioral1
Sample
64009500f37feba9f465a025f5050842699f7ca815f9fc258ee9ff63481f6dd9.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
64009500f37feba9f465a025f5050842699f7ca815f9fc258ee9ff63481f6dd9.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
64009500f37feba9f465a025f5050842699f7ca815f9fc258ee9ff63481f6dd9
-
Score
9/10
-
Detects executables containing possible sandbox analysis VM usernames
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-