General
Target: sample
Size: 491KB
Sample: 240701-kbzlnsvcnq
MD5: 06352c227e31e52c4a33996144be71da
SHA1: 2e2879e290b3a411a80ec6661c9e277a8f21b2e7
SHA256: af23ff1818fe3c7fe2a9539e34ab1fa98c254e37fb90d349d6ed87795cefd62e
SHA512: 40e5d682b3186f1a69c248e6199648b378ad825f8ae5db319979af7af123374dab1706032f7ad196afed8e74741abdaded1ec9d9ea5b85dc71995f4478009b5f
SSDEEP: 6144:VD/AY/AYrAYyAYdAYSAYKAYsAYzAYpAYgbg:VDAiAUARA0A5ANA9AOAWAbbg
Static task
static1
Malware Config
Targets
- Downloads MZ/PE file
- Possible privilege escalation attempt
- Executes dropped EXE
- Modifies file permissions
- Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
- Legitimate hosting services abused for malware hosting/C2