General
Target: sample
Size: 267KB
Sample: 241214-krn5waymgp
MD5: 65624ae0f03e4b0b37b193246a35de15
SHA1: b91e192d5b0199ddf70bec6dbc5e6237791c80de
SHA256: 14c9466ae2013053d20cf15258c8fcdf886e752542c7a0519fd39537d91c537b
SHA512: e3ab55d6104b4ba7c70f67e66e8663e461c6317df593d9478994abeb2292e5edef1bf1782d1535bf486a6618f6ff35ad05d6ddedd34570a0fa44d0d976c7a8f2
SSDEEP: 3072:7Oh7Oi+0joZWm0ITADlNRzh4bgEJfzrIugDAwtN+Tl/jS4:7Oh7A0joZQITeRIgEJHIbCS4
Static task: static1
Malware Config
Targets
A potential corporate email address has been identified in the URL: PUID00037FFF8D6CE234@84df9e7fe9f640afb435aaaaaaaaaaaa
Executes dropped EXE
Loads dropped DLL
Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
Drops file in System32 directory