General
-
Target
e026cb1d0c332e89db275cb72ddedad2ddd2463ff8ceb73bc1a403460570407b
-
Size
992KB
-
Sample
241121-g9wqwstpbq
-
MD5
245e85a3803b4a0bcd4a5b09759b8dd3
-
SHA1
6c8814a17c21f66c43be206368657cc179ee67a1
-
SHA256
e026cb1d0c332e89db275cb72ddedad2ddd2463ff8ceb73bc1a403460570407b
-
SHA512
227e193dab3d01f0cffffeb4cb2a38ca8ea357245a5b92cb3b829beb5d8eb7376f14784014be73077ffe72603e4b0397ff9c906d475c2232eb2944965dabf1c1
-
SSDEEP
12288:lzAHg+1yahuV0voyd0gP8YtNmdDWtGnYoa3qkmO/UQ/7MVjzXmhQOE4Ro:FYghWuyvV0W3KWcnYoU3/P/gVjzWhjR
Malware Config
Targets
-
-
Target
e026cb1d0c332e89db275cb72ddedad2ddd2463ff8ceb73bc1a403460570407b
-
Size
992KB
-
MD5
245e85a3803b4a0bcd4a5b09759b8dd3
-
SHA1
6c8814a17c21f66c43be206368657cc179ee67a1
-
SHA256
e026cb1d0c332e89db275cb72ddedad2ddd2463ff8ceb73bc1a403460570407b
-
SHA512
227e193dab3d01f0cffffeb4cb2a38ca8ea357245a5b92cb3b829beb5d8eb7376f14784014be73077ffe72603e4b0397ff9c906d475c2232eb2944965dabf1c1
-
SSDEEP
12288:lzAHg+1yahuV0voyd0gP8YtNmdDWtGnYoa3qkmO/UQ/7MVjzXmhQOE4Ro:FYghWuyvV0W3KWcnYoU3/P/gVjzWhjR
Score10/10-
Modifies security service
-
Indicator Removal: Clear Windows Event Logs
Clear Windows Event Logs to hide the activity of an intrusion.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-