General
-
Target
disk-drill-win.exe
-
Size
27.0MB
-
Sample
240813-hctqpsyenh
-
MD5
db78eda8cb52e64d403890ad2201f007
-
SHA1
174c837386ce92144bb6c8d722e4809426b2519a
-
SHA256
97e296f77f96ea55d1e0f962f0fe980170a4e8d11464a7ca45b2976aa8ee16ee
-
SHA512
94691338ff0b788b16eed3eb2973b2534b5c7774ceba3aba11a2f73ee4d9e754c8039d47ed3b45ab55ea3e3a6f7138c5a70a40f516397167a97a36c2773c09ad
-
SSDEEP
786432:Ep3+DT+fEKOIYSwpcPa39JWJ2GsaZ/mCoq31/:l+MKrYSwqPa3HW7saZ/mPYJ
Static task
static1
Behavioral task
behavioral1
Sample
disk-drill-win.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
disk-drill-win.exe
-
Size
27.0MB
-
MD5
db78eda8cb52e64d403890ad2201f007
-
SHA1
174c837386ce92144bb6c8d722e4809426b2519a
-
SHA256
97e296f77f96ea55d1e0f962f0fe980170a4e8d11464a7ca45b2976aa8ee16ee
-
SHA512
94691338ff0b788b16eed3eb2973b2534b5c7774ceba3aba11a2f73ee4d9e754c8039d47ed3b45ab55ea3e3a6f7138c5a70a40f516397167a97a36c2773c09ad
-
SSDEEP
786432:Ep3+DT+fEKOIYSwpcPa39JWJ2GsaZ/mCoq31/:l+MKrYSwqPa3HW7saZ/mPYJ
Score8/10-
Blocklisted process makes network request
-
Drops file in Drivers directory
-
Adds Run key to start application
-
Downloads MZ/PE file
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops file in System32 directory
-