General
-
Target
ce1819fdbe049dd00549aebb19aeb4542462d777ad5556239781e62bd9c7df43
-
Size
2.3MB
-
Sample
240909-ddyntsyalp
-
MD5
a6ef0f5aa06a457d68863f4a296bff8c
-
SHA1
f435d9c85e2c340e7a1e798b5caff542ac338ba6
-
SHA256
ce1819fdbe049dd00549aebb19aeb4542462d777ad5556239781e62bd9c7df43
-
SHA512
c462b2a9ce35eb644f5170dd2e2e68164030892eb169024ebfa1e28f6186cb18b58c5b5fc740e1d426810b555d090b0e029aaf4d4663c5b432560793a850457d
-
SSDEEP
49152:wjvk2d9rJpNJ6jUFdXaDoIHmXMupzh72lxakn2YpHdy4ZBgIoooNe:wrkI9rSjA5aDo73pzF2bz3p9y4HgIoov
Malware Config
Targets
-
-
Target
ce1819fdbe049dd00549aebb19aeb4542462d777ad5556239781e62bd9c7df43
-
Size
2.3MB
-
MD5
a6ef0f5aa06a457d68863f4a296bff8c
-
SHA1
f435d9c85e2c340e7a1e798b5caff542ac338ba6
-
SHA256
ce1819fdbe049dd00549aebb19aeb4542462d777ad5556239781e62bd9c7df43
-
SHA512
c462b2a9ce35eb644f5170dd2e2e68164030892eb169024ebfa1e28f6186cb18b58c5b5fc740e1d426810b555d090b0e029aaf4d4663c5b432560793a850457d
-
SSDEEP
49152:wjvk2d9rJpNJ6jUFdXaDoIHmXMupzh72lxakn2YpHdy4ZBgIoooNe:wrkI9rSjA5aDo73pzF2bz3p9y4HgIoov
Score7/10-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Drops file in System32 directory
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-