General

  • Target

    Huroof.exe

  • Size

    66.9MB

  • Sample

    241211-rfa77szncn

  • MD5

    d9feb3496ad4cebbbb06f8d2118ae509

  • SHA1

    81210b5aeb044fe76f13158f91258128fa9a3012

  • SHA256

    3d804ff4a0801907f2228ac4ca726c30d548209d01fb167bb0717cbd2daa38b8

  • SHA512

    687c5cdcb7fcd063021d91b942ca480ba4e9b45145a4a94fb121b93658d3b1596c738e8c8f01e45d66e6b04b83bc7b400feb12eab9015c7f5941980f9474c493

  • SSDEEP

    1572864:QGW1Zk8qwBAEScRHxBEfnvZtL824hLuJ+/jrOwtTJ:P7UAEXvBEnZG2Mo6j/V

Targets

    • CryptOne packer

      Detects CryptOne packer defined in NCC blogpost.

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
