General
Target: HPWMISVC.exe
Size: 693KB
Sample: 240916-zj8lwayfld
MD5: 23132bd8b08ba544768c588810114529
SHA1: 86b3fd59963d5176ab2bc6a4d7db3dead2214930
SHA256: 4e49ca7ef854b2310d20010314e32512482800ae5960cd85513256f6e9ff902f
SHA512: eb06358581fa3cc46b7ecb3b3ef30dfe6545fdba3ae0217bf1badbd46343be22ae44965f008a02c4a7287b7cff965754bbceac3c0752f3a8b69882c09b78c47b
SSDEEP: 6144:iIuCPU/DSma6Mto6/hzAY/zHEtTJAJMm7rBV+UdvrEFp7hKKyt:iA+DSmHXWhe87rBjvrEH7Mt
Static task: static1
Behavioral task: behavioral1
Sample: HPWMISVC.exe
Resource: win7-20240903-en
Malware Config
Targets
Target: HPWMISVC.exe
Detects Floxif payload

ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.

Loads dropped DLL

Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.