General
-
Target
Huroof.exe
-
Size
66.9MB
-
Sample
241211-rcfnhszmcr
-
MD5
d9feb3496ad4cebbbb06f8d2118ae509
-
SHA1
81210b5aeb044fe76f13158f91258128fa9a3012
-
SHA256
3d804ff4a0801907f2228ac4ca726c30d548209d01fb167bb0717cbd2daa38b8
-
SHA512
687c5cdcb7fcd063021d91b942ca480ba4e9b45145a4a94fb121b93658d3b1596c738e8c8f01e45d66e6b04b83bc7b400feb12eab9015c7f5941980f9474c493
-
SSDEEP
1572864:QGW1Zk8qwBAEScRHxBEfnvZtL824hLuJ+/jrOwtTJ:P7UAEXvBEnZG2Mo6j/V
Static task
static1
Malware Config
Targets
-
-
Target
Huroof.exe
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-