General
-
Target
f6bd0c5c5dac70a25ccb1a3eba5d37a53949098b12c150ce4ca72fa537a2524aN.exe
-
Size
62KB
-
Sample
241202-smvqvsvmbj
-
MD5
92400aceeec4c6ae465b6c2f2a1b9350
-
SHA1
9af269e83e518aae6d39c7b6a5f1258c33babadc
-
SHA256
f6bd0c5c5dac70a25ccb1a3eba5d37a53949098b12c150ce4ca72fa537a2524a
-
SHA512
2a75f592dbff7be8d5085755800c28f67aeec190db0d894f5a9a061d491574a7e43367b94ee4d08093108915935609ac17f5bb891bfb24086f8858cfee97b9af
-
SSDEEP
768:8ZYOGJ8z39m6odrD2ydQtaCGvRDvqguFjI3LOLisuIPcH9e3FEx8EFK4AVSi0WCj:83t2dGanvsh2ki4PQeVEKE38TCNMBMp7
Malware Config
Targets
-
-
Target
f6bd0c5c5dac70a25ccb1a3eba5d37a53949098b12c150ce4ca72fa537a2524aN.exe
-
Size
62KB
-
MD5
92400aceeec4c6ae465b6c2f2a1b9350
-
SHA1
9af269e83e518aae6d39c7b6a5f1258c33babadc
-
SHA256
f6bd0c5c5dac70a25ccb1a3eba5d37a53949098b12c150ce4ca72fa537a2524a
-
SHA512
2a75f592dbff7be8d5085755800c28f67aeec190db0d894f5a9a061d491574a7e43367b94ee4d08093108915935609ac17f5bb891bfb24086f8858cfee97b9af
-
SSDEEP
768:8ZYOGJ8z39m6odrD2ydQtaCGvRDvqguFjI3LOLisuIPcH9e3FEx8EFK4AVSi0WCj:83t2dGanvsh2ki4PQeVEKE38TCNMBMp7
Score10/10-
Andromeda family
-
Andromeda, Gamarue
Andromeda, also known as Gamarue, is a modular botnet malware primarily used for distributing other types of malware and it's written in C++.
-
Detects Andromeda payload.
-
Adds policy Run key to start application
-
Deletes itself
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-