f07ce85bd9b3c10c104cce02f671e5ed8791ad5a356c5aff0bcf566818579877

Sharing

Copy URL

Twitter E-mail

General

Target

5x.7z
Size

13.0MB
Sample

240907-srdcdasclb
MD5

54cbc3ad22e197cc9c56b6726014fe71
SHA1

d71970525722ea619833ccb1924b816307540910
SHA256

f07ce85bd9b3c10c104cce02f671e5ed8791ad5a356c5aff0bcf566818579877
SHA512

73a850f006bc56e35130b536f775fb7bbe59a1422b409f89901058455d2f0c4968f6d43b61c99e1454bcf3651d3fc1fc5bc2eb3111c9191428cce8e3ebb558e2
SSDEEP

196608:1T8mvTbXrQhfdTnxZAA9O7h4fdeIi4Sb/PGZZZugiTwsKMulbK136/+i0IRVT3aJ:1TnbbeeUhZYNTwJc36/PRtayc3Oq

Score

7^/10

Malware Config

Targets

- Target
  
  2Q5G0@16/QQSetupEx.exe
- Size
  
  446KB
- MD5
  
  9efa9e12deac9f6fa48bc031e4300dad
- SHA1
  
  7870326380768cf2cf9114c5d5b8b61fd5fba616
- SHA256
  
  1849ecf1956e8b01949ba5eac8ef1255cfcdb62be43dc0d574d2ea3dc1c8eee8
- SHA512
  
  3de2c0d96cf4fd7312b872c9c9f135a022daa11a9e5c7c924137c9bd4c0e787ff9492b6164288635bfa9d39dc49e04a5b1bb67501fc56d2422d9da95218eaf40
- SSDEEP
  
  12288:+PRPEbBKZYtwjk0lsa2vgJhIUHET9zOfy+HbRgbII3ZGFM6bLAoXtRSS9QjM8nWR:+984JjHmII3IpXtRN9QjMVR
Score

6^/10

discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2
- Target
  
  9Lb6~w1/1905Client.exe
- Size
  
  2.3MB
- MD5
  
  385cffc081a9a27fca690306981db564
- SHA1
  
  eb4c6e5caadc8acb467203ee0fc0d2215b8ac9e8
- SHA256
  
  5c5187f6b470d75114bdce4a681b339ed8af77f254d11702576c1c350dc67753
- SHA512
  
  785dc0a6838cde0bf464edc619b1959cc8bc691c931dec2eecb75c42b149efdf280bbf602cfd83da1df4dc82098cb912cc7618efc6d7f8fb9a7aa37552cc6a41
- SSDEEP
  
  49152:DegP6/jA7MNLYcVzknTiSvqAMBZKwz4MvlTeoTxIIqPRDlpZNJgMOwUxivP9Xcg4:DeQ7MNLjVcThqAMBZKwz4MvlTeblPRDk
Score

6^/10

discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral3 behavioral4
- Target
  
  Hvd6d~18/iToolsAVMTask.exe
- Size
  
  446KB
- MD5
  
  e4d5dd31c405c19c69180d4e2206bab5
- SHA1
  
  1f01c589d383f361b4bb442476592f03ce10d173
- SHA256
  
  b78c80aad5b20278e54b64f74dc8f98ab573d48b133d1a9178c53e57d8e5258f
- SHA512
  
  35f46c8d33fa761e91169138f38beec5e51d735b23e4ca3894e7b0daf4c687a7f22029a2c8b80d1c46cefd5c2e7697f74646eedb8aa3161efc4fd142485562ff
- SSDEEP
  
  6144:hYgPVIgDuWLucpXqg0GDZujr3HcMUFyRaWbma+uoYmb:hPVIwuWLurTGDA+Mi
Score

6^/10

discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral5 behavioral6
- Target
  
  VSQ0e@6/apache.exe
- Size
  
  20KB
- MD5
  
  eb4e26ad3a0e681c2faabbacb0691a34
- SHA1
  
  55781c8ed0dc76e4edfb91ee01267783ed2434f5
- SHA256
  
  f2acdf171e603203f422ba64bfe2644a8e125657c96dd626cfd323e9f87c88d1
- SHA512
  
  d177bfd6433207e2dcec3a05749a28693b891674b5f6c0dd9438bc75b5e6ee7c13d483ecd5bda9d8097f105d7976cbcf16612c53c8df6932f8d3aafb4435562f
- SSDEEP
  
  384:Cvwf3dXEAwtPMukyZUEgbmO7jRUyb0yu8/sqtVG:XflE3tPv5ZmjRUSufqnG
Score

6^/10

discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral7 behavioral8
- Target
  
  xkxkv/dms.exe
- Size
  
  34KB
- MD5
  
  dde4e4e601e8b0e7d1621167b709adb4
- SHA1
  
  cf152fff93d8bfc7bcde44e41954a36600c4c599
- SHA256
  
  53a5ebfe5356da897d550be1017f0c7334d8d9971288abf1398661e288cd983a
- SHA512
  
  f9b561ea64f374fa3548a09e26a00ea07baa2fd2d328ebc3668e793c4ebd6c44e8f66f04634a8e3f87b6888f60cc4eb663d073f4384a49b8a435dcc56a6ac8a4
- SSDEEP
  
  768:ty7FJl5/ija+1IR14B38gBTHEfIYMqUVii78e/h:tCFJ/458uIyqU7j/h
Score

7^/10

discovery persistence spyware stealer
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral10 behavioral9