Extracted

• • Target

    Payload.exe

  • Size

    27KB

  • MD5

    6363fdf6807cbef35f331eee2acd8c95

  • SHA1

    a3c39ca66596d25bb6b49c691348b29f6c7cf582

  • SHA256

    091389e24f8de1ef56cda84cc7f8598767bedf9c4b1dfb73736713b887c259c9

  • SHA512

    b1a56829768578ec64e0ddaa7bd7023075ec8559c1fee57d3103222e0aea42137fce5f8ac4396701c33349af3db39e2d61d8baf00d3baf932681e085e5231f41

  • SSDEEP

    384:gLZeZoTmgEJLbwvqWDbPxZh7M9AQk93vmhm7UMKmIEecKdbXTzm9bVhca16fr6eR:+ENvwy9A/vMHTi9bD

  Score

  7^/10

  discoverypersistence

  • Drops startup file

  • Executes dropped EXE

  • Loads dropped DLL

  • Adds Run key to start application

    persistence

  • Enumerates connected drives

    Attempts to read the root path of hard drives other than the default C: drive.

  behavioral1behavioral2