General
-
Target
Patch.exe
-
Size
978KB
-
Sample
240917-a5bftsycpn
-
MD5
4e92e494a6922fd591cdc0c466f438bf
-
SHA1
366912ae55e634331fc3dd53219cc59c054e5835
-
SHA256
f5c354f56b4eaa2068842287292e797ede967696410c4666faf3efd2a96ee264
-
SHA512
88b1cc5fe54492e9d2a5fdd11dd31dab0737c0c0d6e6f215b4dda705bf2e2ffb8753c25d21b5d03ffed53c15e140eee1edb792beaa8b3985b7781d5a79b5bdc3
-
SSDEEP
24576:wb1E5jgvmvSZW/SmUeeQYEE8N5z/NH8w5j7frEH7S:wI8mIW/ce683/Ncq
Static task
static1
Behavioral task
behavioral1
Sample
Patch.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
Patch.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
Patch.exe
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-