General
-
Target
ElSaifyApp.exe
-
Size
21.3MB
-
Sample
240826-swtvxssdpj
-
MD5
4b8032177a2ab575523c123abbeebaf4
-
SHA1
95dc70c0ca6707fc307357f5e94b320b6e709d4a
-
SHA256
8ebdc838216071b6a38d0ac5b8e2b3bd827aed38d935850e29b2ecd3e242e5bd
-
SHA512
84769a2f577ed5659b1a54e8a631713842dfbfeb8a4e0d6d1917d9c3b592abfae3a92c4c2c5536389cffe9fa4c29d1dd94914db75566ada1a0e6729ffdec2f25
-
SSDEEP
393216:BNVxIfuPmfJ31Xx5qhDhevwnt1wiekhg7H/B+B17lSTU2ykfK:BJcuPW1Be1eICbkO7fAB1RSTUYC
Static task
static1
Malware Config
Targets
-
-
Target
ElSaifyApp.exe
-
Size
21.3MB
-
MD5
4b8032177a2ab575523c123abbeebaf4
-
SHA1
95dc70c0ca6707fc307357f5e94b320b6e709d4a
-
SHA256
8ebdc838216071b6a38d0ac5b8e2b3bd827aed38d935850e29b2ecd3e242e5bd
-
SHA512
84769a2f577ed5659b1a54e8a631713842dfbfeb8a4e0d6d1917d9c3b592abfae3a92c4c2c5536389cffe9fa4c29d1dd94914db75566ada1a0e6729ffdec2f25
-
SSDEEP
393216:BNVxIfuPmfJ31Xx5qhDhevwnt1wiekhg7H/B+B17lSTU2ykfK:BJcuPW1Be1eICbkO7fAB1RSTUYC
-
Executes dropped EXE
-
Loads dropped DLL
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-