General
-
Target
97ebf26ba023e3e9ad523e223b3a1040N.exe
-
Size
246KB
-
Sample
240825-j9czwsthrf
-
MD5
97ebf26ba023e3e9ad523e223b3a1040
-
SHA1
8c1d9d3edbb1a94a9ad0fdf0cc432e96e73f7176
-
SHA256
ae48588cc7d3629627fd18edab0f99750cda0bded2d82de2a211685afd2bfdc0
-
SHA512
2f7e9cfacbfa1494237215e0bf9b7883202632c130342f26fa0932057595203e484900538f9fed8cce545970b6217fa1bc857d732aeea126504c030eba217522
-
SSDEEP
6144:1HBE+ePyHSo0mxppi57PggswqGWg4b7uC7d4SPWT3FH:1HBEro7xPidPgT7uCJZeZ
Malware Config
Targets
-
-
Target
97ebf26ba023e3e9ad523e223b3a1040N.exe
-
Size
246KB
-
MD5
97ebf26ba023e3e9ad523e223b3a1040
-
SHA1
8c1d9d3edbb1a94a9ad0fdf0cc432e96e73f7176
-
SHA256
ae48588cc7d3629627fd18edab0f99750cda0bded2d82de2a211685afd2bfdc0
-
SHA512
2f7e9cfacbfa1494237215e0bf9b7883202632c130342f26fa0932057595203e484900538f9fed8cce545970b6217fa1bc857d732aeea126504c030eba217522
-
SSDEEP
6144:1HBE+ePyHSo0mxppi57PggswqGWg4b7uC7d4SPWT3FH:1HBEro7xPidPgT7uCJZeZ
Score10/10-
Modifies firewall policy service
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-