General
-
Target
V1NEW.exe
-
Size
111KB
-
Sample
241104-hkhy6syqfl
-
MD5
099381a7c84861eb56be47d9346359d2
-
SHA1
7457cd6e3cb179cd07caffa4a6dcd9f2b6c9dfe7
-
SHA256
0e816c51aa21720eaec2b6ac9d955de0a90908a4d5f64daa2687e0459f071101
-
SHA512
2796e7003778b77c2cedc68518434ba063b4c08a3c4d94120b23bd2e10567e2a8c4981d1a54c0f24604707412caefff36bc6d0f3e5c18dc1d7e9df138ff297ca
-
SSDEEP
3072:BpXIkKGO89b4QNH2lQBV+UdE+rECWp7hKtFmwOC:jBO8lFNrBV+UdvrEFp7hKt7d
Static task
static1
Behavioral task
behavioral1
Sample
V1NEW.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
V1NEW.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
V1NEW.exe
-
Floxif family
-
Detects Floxif payload
-
Downloads MZ/PE file
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-