General
Target: VNXLauncher-Win-32-x86-en_US-1.3.21.1.0322-1.exe
Size: 105.8MB
Sample: 240930-mkb8vavcma
MD5: c0ef796f13cfade0aea3aed814a37fda
SHA1: 085e52da4b9590f5357b72665ee8597ce50a32f2
SHA256: 77057bc007a1fbd7987c5c720528511b27265c5f8cd878269110399321fb8a8a
SHA512: 0856975fc0740be2eb2ccf759318bbbc4d1e6b0a4760550af98c47011d5ef568bb00e3f10e80e687173935ce5c923123632b09ddb39d02ed1a17bad245dc9169
SSDEEP: 1572864:Wvkl5gaKjQYMAyecr0gee0WEo7ik7o8V3o+iuHO3o68VWSsC6i+tpljsv96sf9MV:WvklKHXyb0qoo7iio8V4PcZS5J+Ff3Cb
Static task: static1
Behavioral task: behavioral1
Sample: VNXLauncher-Win-32-x86-en_US-1.3.21.1.0322-1.exe
Resource: win7-20240903-en
Malware Config
Targets
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
System Binary Proxy Execution: Verclsid
Adversaries may abuse Verclsid to proxy execution of malicious code.
-
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores: 1
Credentials from Web Browsers: 1
Unsecured Credentials: 1
Credentials In Files: 1