General
-
Target
1e4b47e56f35600bb87cbe59a085267b771ce9b7c7bd7d0c311fb8d8f723e250N
-
Size
465KB
-
Sample
241113-jvxqraxhnb
-
MD5
58f318e448034ff8a92ccdf04c4a5e20
-
SHA1
778eaccae22b0b7a32b33c24fa6b814f22a4136a
-
SHA256
1e4b47e56f35600bb87cbe59a085267b771ce9b7c7bd7d0c311fb8d8f723e250
-
SHA512
a19a6c0c2d4f5dd4f47008bd5c189b09897909d24bea46eab9f6ea85af226d00f5b303e643e0d489a980e057ddc6b55e2c4fc53d8a7fcd5cc9e347b9db7b259b
-
SSDEEP
6144:mBapC9DUIYmO5Kv5Q7X/l/rYvkW1VxxfnzrV9UAH0ctkPfc92F8dLpIh9jil:5pQD+mO5KWy/zrVbt4fcY69U9jI
Static task
static1
Behavioral task
behavioral1
Sample
1e4b47e56f35600bb87cbe59a085267b771ce9b7c7bd7d0c311fb8d8f723e250N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
1e4b47e56f35600bb87cbe59a085267b771ce9b7c7bd7d0c311fb8d8f723e250N.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
1e4b47e56f35600bb87cbe59a085267b771ce9b7c7bd7d0c311fb8d8f723e250N
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-