Resubmissions
05-02-2025 21:42
250205-1kqccssqe1 10
General
Target
accgen1.zip
Size
82.3MB
Sample
250205-1kqccssqe1
MD5
54ae497f68ebf5c4fef614ff85ff4970
SHA1
38b9c330c6f6cbb8637ee00e4df2d55c9dd564aa
SHA256
6aa7c8c1861659dc37d59e1cdd9eae1351d5e1568939b823bf6f4b30c3353886
SHA512
f6e2ec5e243fd05b9caa4592dc51694956ec98159b837aae1c5c9dd5402054947b2fe27f037b358fdb620a4e2275732b31f80f03f6e80a4a3198b43e45c47a21
SSDEEP
1572864:Kgl3Jcbzyyi4GOc8DyCkiSfCU5YvKBBOYr/JvUcwUJxiSfVixe0R1+0:KCObzyyi4GP8DyCFW2KHD/xioiSfExeY
Behavioral task
behavioral1
Sample
server.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
server.exe
Resource
win10v2004-20250129-en
Malware Config
Targets
Target
server.exe
Size
82.6MB
MD5
9cc8caafd6665dcc25ae9dbf3f12e549
SHA1
e2529c7e16a7083ba7c8247d3b5e8524b8ac1b06
SHA256
9f5fe2e413b3bf2a8b7fef0a1db2170c09a369101cb175e0c49fa47820218e89
SHA512
927d16379fd3f16ca27956222004e050883cba0d704f308361e79d59fd553491bb26f4980a16c9194deddf1166dce75ecffa201a9862c55f7a89be633735e09e
SSDEEP
1572864:0n21lWiW3kmUOkiqOv8im2A6WE7G6ln2iYKrhbOoAklzJINKI6HWRl:0MgitmUOknOv8i35O6lLrFoKJIN16HW
Score
9/10
Enumerates VirtualBox DLL files
Command and Scripting Interpreter: PowerShell
Run PowerShell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
Loads dropped DLL
Adds Run key to start application