General
-
Target
3b4fc8117a3228f3e4993fbb0adfebd93b714f1677e93f95b55fdb8381681853
-
Size
256KB
-
Sample
240629-y6t7bsvgkc
-
MD5
ef0546a86f8bc61f931e87474c80977d
-
SHA1
9f92cd8e52aed564f686c0ec57a1548ce27caba9
-
SHA256
3b4fc8117a3228f3e4993fbb0adfebd93b714f1677e93f95b55fdb8381681853
-
SHA512
e043ae83ce3a002ffe70d5f409a5d4b6370559c01b00fe590de226a2621094e12b0bcc06fe247098f897a926e2fd38913eb06ce00ea9ae017d26e94293f8013b
-
SSDEEP
6144:wDLQxoyQ1LpnFyZ+dayL9rvolH8u3ZhGod:IQCyQ1LHk+zR7QHjGo
Behavioral task
behavioral1
Sample
3b4fc8117a3228f3e4993fbb0adfebd93b714f1677e93f95b55fdb8381681853.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
3b4fc8117a3228f3e4993fbb0adfebd93b714f1677e93f95b55fdb8381681853.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
-
-
Target
3b4fc8117a3228f3e4993fbb0adfebd93b714f1677e93f95b55fdb8381681853
-
Size
256KB
-
MD5
ef0546a86f8bc61f931e87474c80977d
-
SHA1
9f92cd8e52aed564f686c0ec57a1548ce27caba9
-
SHA256
3b4fc8117a3228f3e4993fbb0adfebd93b714f1677e93f95b55fdb8381681853
-
SHA512
e043ae83ce3a002ffe70d5f409a5d4b6370559c01b00fe590de226a2621094e12b0bcc06fe247098f897a926e2fd38913eb06ce00ea9ae017d26e94293f8013b
-
SSDEEP
6144:wDLQxoyQ1LpnFyZ+dayL9rvolH8u3ZhGod:IQCyQ1LHk+zR7QHjGo
Score9/10-
Detects executables packed with VMProtect.
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Drops file in Drivers directory
-
Deletes itself
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-