General
-
Target
e420585f0416fa0d985d5979b59e8d2cfceeacb655ac86f1c5805e1427175182
-
Size
433KB
-
Sample
240926-gkjp2atfjc
-
MD5
c283635bf31e12b2a20dc12a9d5c012f
-
SHA1
883cb98bc588360ea29bc15c61be47e5b6a62645
-
SHA256
e420585f0416fa0d985d5979b59e8d2cfceeacb655ac86f1c5805e1427175182
-
SHA512
4b6d06842175a1e539a0957787ca6d0754256c2a06170fa9fcb8bda5ffd8ae51eb22d9cef16d29bfa7e6fc7717e2687abcbd4ac9f8182c72bbe95dd54adc7aa4
-
SSDEEP
12288:R/wlw5kfMQrHlzXzA8ZZeOeuRgvLOBuag1EosxKq8kDfyh2KZ1qq2A/5Cd3jmKAF:+5O0g+g+x/1fcrz2A/5Cd3jmjrEH7u
Static task
static1
Behavioral task
behavioral1
Sample
e420585f0416fa0d985d5979b59e8d2cfceeacb655ac86f1c5805e1427175182.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
e420585f0416fa0d985d5979b59e8d2cfceeacb655ac86f1c5805e1427175182.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
e420585f0416fa0d985d5979b59e8d2cfceeacb655ac86f1c5805e1427175182
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-