General
-
Target
01dd2184eb71969187a3291afe9c59e93c3c9b9a97a8416e33ed7660c1a62605
-
Size
87KB
-
Sample
241120-xv6kjssdkp
-
MD5
debe698c3b33ab7a6c2081e6545249c2
-
SHA1
257377217fabf3778cb267cd8a744da0b7e76b96
-
SHA256
01dd2184eb71969187a3291afe9c59e93c3c9b9a97a8416e33ed7660c1a62605
-
SHA512
dfac6ef6ed14693281319fd67d2b20479a1d081914c17caf08cc519ad04b2868c42fbeab062d1863b3df21c9da6201f6dfd051c1dc4e3a006ed4c9eb19bf0e2d
-
SSDEEP
1536:1a3+ddygX7y9v7Z+NoykJHBOAFRfBjG3ldoIH:08dfX7y9DZ+N7eB+IIH
Static task
static1
Behavioral task
behavioral1
Sample
01dd2184eb71969187a3291afe9c59e93c3c9b9a97a8416e33ed7660c1a62605.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
01dd2184eb71969187a3291afe9c59e93c3c9b9a97a8416e33ed7660c1a62605.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
01dd2184eb71969187a3291afe9c59e93c3c9b9a97a8416e33ed7660c1a62605
-
Size
87KB
-
MD5
debe698c3b33ab7a6c2081e6545249c2
-
SHA1
257377217fabf3778cb267cd8a744da0b7e76b96
-
SHA256
01dd2184eb71969187a3291afe9c59e93c3c9b9a97a8416e33ed7660c1a62605
-
SHA512
dfac6ef6ed14693281319fd67d2b20479a1d081914c17caf08cc519ad04b2868c42fbeab062d1863b3df21c9da6201f6dfd051c1dc4e3a006ed4c9eb19bf0e2d
-
SSDEEP
1536:1a3+ddygX7y9v7Z+NoykJHBOAFRfBjG3ldoIH:08dfX7y9DZ+N7eB+IIH
Score10/10-
Modifies WinLogon for persistence
-
Modifies visibility of file extensions in Explorer
-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops desktop.ini file(s)
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-