General
-
Target
faf3152463a1beed39b5aa807f1f816b0c66bc46f16f7cbd662030842af8cc8d
-
Size
9.9MB
-
Sample
240928-y9s4favenn
-
MD5
38d0d92b1212bd1d885d20c9471fc548
-
SHA1
c22e1d9e784a58435db7b375afb734fa7abb9fbe
-
SHA256
faf3152463a1beed39b5aa807f1f816b0c66bc46f16f7cbd662030842af8cc8d
-
SHA512
cb98aba99050cb020cbfcd88da00fa25504baeac09304e6c0e91a4804eec925cef4785e591513f5a0e1e90d921ab555515c444056860457017431cbac2d99f9f
-
SSDEEP
196608:Fnko0g4j7KTmLfdzDNm48twUUJa3HbrwSwF2OVZbnfVpz5qSK6RK9bokE8YO77l0:Z946yZH0BHbrw/9VZbfVpb/4/JxnDC
Malware Config
Targets
-
-
Target
faf3152463a1beed39b5aa807f1f816b0c66bc46f16f7cbd662030842af8cc8d
-
Size
9.9MB
-
MD5
38d0d92b1212bd1d885d20c9471fc548
-
SHA1
c22e1d9e784a58435db7b375afb734fa7abb9fbe
-
SHA256
faf3152463a1beed39b5aa807f1f816b0c66bc46f16f7cbd662030842af8cc8d
-
SHA512
cb98aba99050cb020cbfcd88da00fa25504baeac09304e6c0e91a4804eec925cef4785e591513f5a0e1e90d921ab555515c444056860457017431cbac2d99f9f
-
SSDEEP
196608:Fnko0g4j7KTmLfdzDNm48twUUJa3HbrwSwF2OVZbnfVpz5qSK6RK9bokE8YO77l0:Z946yZH0BHbrw/9VZbfVpb/4/JxnDC
Score8/10-
Adds policy Run key to start application
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-