General
- Target: CalVZHCJmRMjw.exe.tmp
- Size: 213KB
- Sample: 240916-zlr2xayfpm
- MD5: 6e0b2836524a4fff5c126910f3414517
- SHA1: 7a17e7037f88906a6015e1fb3ba3ec042aa7c94d
- SHA256: 3edbeb1ead323ad42913e0c6684702df772b51b8b09b2d53a205ab25005156d9
- SHA512: 2cf9f66d763a07ebdcc0cb14a2a5e914dab577cb9536b2207820bb063f5a109748bfe45eb6bfb48069ee3c421b94cee35eb0459cf08d55edacee5a768225dcf1
- SSDEEP: 6144:Wgkp3IcmCtnRPF9cCGr/uHkBV+UdvrEFp7hKD2:WgkplnRNh4uHkBjvrEH7c2
- Static task: static1
- Behavioral task: behavioral1
- Sample: CalVZHCJmRMjw.exe
- Resource: win7-20240903-en
Malware Config
Targets
- Detects Floxif payload
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.