General
-
Target
SecHex-Spoofy V1.5.8.zip
-
Size
2.0MB
-
Sample
240902-q7da7ssepg
-
MD5
5e4cd0586fdded65e8227c768a087fb0
-
SHA1
7585d2682d3ab3d9360cf8545ef7ab77e955b9fc
-
SHA256
2864750adbdd9e79a043c3f281c2e0d6b7d2d5009ebfd4268f8a7b112745a3d6
-
SHA512
2007fa21c0b6f12c560648e0985a59112365725d159e04cf2761e1e0adb9b833a6325cdf5ebfb86f75ae1320ce22f11d95f7b2912de7ef2c29856d74cfccf37e
-
SSDEEP
24576:+tYIdI9xQSIwGy5p6s5Bc2rKBf0hnuPAqQUwV1bC410vaV6rrUW1N24Jdd2GfcNd:ff9uKv5rKBunuPAqyVdCvvL1lFcev2v
Malware Config
Targets
-
-
Target
SecHex-Spoofy V1.5.8.zip
-
Size
2.0MB
-
MD5
5e4cd0586fdded65e8227c768a087fb0
-
SHA1
7585d2682d3ab3d9360cf8545ef7ab77e955b9fc
-
SHA256
2864750adbdd9e79a043c3f281c2e0d6b7d2d5009ebfd4268f8a7b112745a3d6
-
SHA512
2007fa21c0b6f12c560648e0985a59112365725d159e04cf2761e1e0adb9b833a6325cdf5ebfb86f75ae1320ce22f11d95f7b2912de7ef2c29856d74cfccf37e
-
SSDEEP
24576:+tYIdI9xQSIwGy5p6s5Bc2rKBf0hnuPAqQUwV1bC410vaV6rrUW1N24Jdd2GfcNd:ff9uKv5rKBunuPAqyVdCvvL1lFcev2v
Score8/10-
Modifies RDP port number used by Windows
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Remote Services: SMB/Windows Admin Shares
Adversaries may use Valid Accounts to interact with a remote network share using Server Message Block (SMB).
-