General
Target: 1b6a97bac0b7919dff351d60a3452930N.exe
Size: 1.2MB
Sample: 240817-t4l1qaybpr
MD5: 1b6a97bac0b7919dff351d60a3452930
SHA1: 376069d3ee0a07d108303699b4118f3c15e39f03
SHA256: 4dc5805e9c93c117619231d63f0d419cb4561d6c7fcfbfd6d619bbde25eeb0a1
SHA512: 2ebd2d05fad6cae39fcc90c049df3c06d54ba5717edb3450be1e316e18b85479e940ddd86b36b93a1c28aeb3487f1be4dcbaefb36b2d4429244e369d74086b12
SSDEEP: 24576:qu1iSAU/zc/8bdl7QG5/H3qZki/Au7JXSLrEH7lFTC:eU/Q/el7Qg3qN/AuFns
Static task: static1
Behavioral task: behavioral1
Sample: 1b6a97bac0b7919dff351d60a3452930N.exe
Resource: win7-20240704-en
Malware Config
Targets
-
-
Target
1b6a97bac0b7919dff351d60a3452930N.exe
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-