General
Target: 1004d58f6477c5e6f2dabff761594450N.exe
Size: 905KB
Sample: 240824-v677ea1gjb
MD5: 1004d58f6477c5e6f2dabff761594450
SHA1: 9b9b0d3df4c9f9eaf006de136bbc0c808d3314d4
SHA256: cf188b805dce1d9843af710197f760bce3caccf0aa832a4d45e110306b0c2286
SHA512: 82c99339bd3c4d2b4a5926166923853f0c1f3ee7586d479a8200ea77e6b0474ad9eadce06652a75418f637f4270ace2b7e447f74e712ca660c236241d006b344
SSDEEP: 12288:WhkDgouVA2nxKkorvdRgQriDwOIxmxiZnYQE7PJcE4a3xjGryvCf1WuFFRT+:GRmJkcoQricOIQxiZY1ia3J56fEu5
Static task: static1
Behavioral task: behavioral1
  Sample: 1004d58f6477c5e6f2dabff761594450N.exe
  Resource: win7-20240729-en
Behavioral task: behavioral2
  Sample: 1004d58f6477c5e6f2dabff761594450N.exe
  Resource: win10v2004-20240802-en
Malware Config
Targets
Target
1004d58f6477c5e6f2dabff761594450N.exe
Score: 10/10
Detects Andromeda payload.
Adds policy Run key to start application
Deletes itself
Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
Suspicious use of SetThreadContext