Sample File:
  MD5 hash:    841ba553159d08ba6bee7435341a39e8
  SHA1 hash:   bf60dd0f4f3069405365f6edc3766da9d0122bf8
  SHA256 hash: 8133047094cf407e4b45efe4cf44f7b569e8c3133d1c598bba3188137401cc7c
  SSDEEP hash: None
  Filename(s): ClientUpdate.exe
  Filetype:    Windows Exe (x86-64)

Mutex IOCs:
  Ptición de trabajo

Registry Key IOCs:
  HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System
  HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor
  HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor\DisableUNCCheck
  HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor\EnableExtensions
  HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor\DelayedExpansion
  HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor\DefaultColor
  HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor\CompletionChar
  HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor\PathCompletionChar
  HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor\AutoRun
  HKEY_CURRENT_USER\Software\Microsoft\Command Processor
  HKEY_CURRENT_USER\Software\Microsoft\Command Processor\DisableUNCCheck
  HKEY_CURRENT_USER\Software\Microsoft\Command Processor\EnableExtensions
  HKEY_CURRENT_USER\Software\Microsoft\Command Processor\DelayedExpansion
  HKEY_CURRENT_USER\Software\Microsoft\Command Processor\DefaultColor
  HKEY_CURRENT_USER\Software\Microsoft\Command Processor\CompletionChar
  HKEY_CURRENT_USER\Software\Microsoft\Command Processor\PathCompletionChar
  HKEY_CURRENT_USER\Software\Microsoft\Command Processor\AutoRun
  HKEY_LOCAL_MACHINE\Software\Oracle\VirtualBox

Domain IOCs:
  - None -

IP IOCs:
  - None -

URL IOCs:
  - None -

File IOCs:
  Filenames:
    \??\C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\saddrv.sys
    \\.\c:
    C:\windows\system32\cmd.exe
    \\.\VBoxDrv
    C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\elrawdsk.sys
    \??\C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\elrawdsk.sys
    C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\ClientUpdate.exe
    soy.exe
    C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\saddrv.sys
    C:\Users\5p5NrGJn0jS HALPmcxz\Desktop
    \\?\ElRawDisk\??\c:#b4b615c28ccd059cf8ed1abf1c71fe03c0354522990af63adf3c911e2287a4b906d47d
  MD5 hashes:
    1a69a02b0cd10b1764521fec4b7376c9
    993e9cb95301126debdea7dd66b9e121
    eaea9ccb40c82af8f3867cd0f4dd5e9d
  SHA1 hashes:
    7c1b25518dee1e30b5a6eaa1ea8e4a3780c24d0c
    0d0b9299674868dbec74317c9c20de0c6c5a0549
    a7133c316c534d1331c801bbcd3f4c62141013a1
  SHA256 hashes:
    cf3a7d4285d65bf8688215407bce1b51d7c6b22497f09021f0fce31cbeb78986
    36a4e35abf2217887e97041e3e0b17483aa4d2c1aee6feadd48ef448bf1b9e6c
    becb74a8a71a324c78625aa589e77631633d0f15af1473dfe34eca06e7ec6b86
  SSDEEP hashes:
    384:9a5MM0mSc80J0sES5EGr7Btpqu1Ehc+PGhzgWdSLSbf/V+23HzirUJ2R8mf:9i3SAHOoz1a2clLST/zzixl
    6144:HwDOaOGnrViaqj8qxA5ZmDvHBGTVdEolim6U9iceu:Ho3q5vhGTXj
    768:mkD7TfQS7D8ueMKxp0pO/Qw+FKebe3vFQFftSJfghVotiTAlLwJidG:33d38uezp0Dw+49tKMgVxAlIiw

Notes for analysts:
  The listing does not state which of the three dropped-file hash triples belongs to saddrv.sys, elrawdsk.sys or soy.exe; treat the hashes as an unordered set when hunting.
  The "C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\..." paths are the analysis sandbox's user profile, not something to expect on a victim host; the basenames (saddrv.sys, elrawdsk.sys, soy.exe, ClientUpdate.exe) are the reusable indicators.
  The sample opens the raw volume device "\\.\c:" and a "\\?\ElRawDisk\??\c:#<hex>" device path, which names the dropped elrawdsk.sys driver; the hex string after "#" is supplied to the driver as part of the device path. A user-mode binary dropping a .sys to the Desktop and then opening a raw-disk device is a strong detection signal on its own.
  The "\\.\VBoxDrv" open and the HKLM\Software\Oracle\VirtualBox read are consistent with a VirtualBox check; the Command Processor keys are read when cmd.exe starts (C:\windows\system32\cmd.exe appears in the file IOCs), so they indicate that cmd.exe was launched rather than anything specific to the sample.
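The report above is a flattened listing, which is awkward to feed into a hunt by hand. The following is an added example, not part of the sandbox output: a Python script that parses the report's "Label: value" layout into hash sets, dropped-file basenames and registry keys, then walks a directory and flags files whose name or digest matches. REPORT is a condensed excerpt of the listing (the hashes are the page's own); the files written by demo() are constructed placeholders, and the simulated sha256 hit is added explicitly because the real sample is not present.

```python
"""Parse a flattened sandbox IOC listing and hunt for its indicators on disk."""
import hashlib
import os
import re
import tempfile

# Condensed excerpt of the report above, in its original "Label: value" layout.
REPORT = (
    "Sample File: MD5 hash: 841ba553159d08ba6bee7435341a39e8 "
    "SHA1 hash: bf60dd0f4f3069405365f6edc3766da9d0122bf8 "
    "SHA256 hash: 8133047094cf407e4b45efe4cf44f7b569e8c3133d1c598bba3188137401cc7c "
    "SSDEEP hash: None Filename(s): ClientUpdate.exe Filetype: Windows Exe (x86-64) "
    "Mutex IOCs: Ptición de trabajo "
    "Registry Key IOCs: HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Command Processor\\AutoRun "
    "HKEY_LOCAL_MACHINE\\Software\\Oracle\\VirtualBox "
    "Domain IOCs: - None - IP IOCs: - None - URL IOCs: - None - "
    "File IOCs: Filenames: C:\\Users\\5p5NrGJn0jS HALPmcxz\\Desktop\\elrawdsk.sys "
    "\\\\.\\VBoxDrv C:\\Users\\5p5NrGJn0jS HALPmcxz\\Desktop\\saddrv.sys soy.exe "
    "MD5 hashes: 1a69a02b0cd10b1764521fec4b7376c9 993e9cb95301126debdea7dd66b9e121 "
    "SHA256 hashes: cf3a7d4285d65bf8688215407bce1b51d7c6b22497f09021f0fce31cbeb78986"
)

HEX = {"md5": 32, "sha1": 40, "sha256": 64}  # digest name -> hex length
SECTION_RE = re.compile(
    r"\b(Mutex IOCs|Registry Key IOCs|Domain IOCs|IP IOCs|URL IOCs|File IOCs):\s*")
EXE_RE = re.compile(r"\b[\w.-]+\.(?:exe|sys|dll)\b", re.IGNORECASE)


def parse_ioc_report(text):
    """Extract hash sets, dropped-file basenames and registry keys from report text.

    Hashes are recognised by hex length with word boundaries, so a SHA1 is never
    mis-read as an MD5 and the 70-hex ElRawDisk suffix is ignored. Registry keys
    may contain spaces ("Command Processor"), so the registry section is split
    only where the next HKEY_ root begins.
    """
    iocs = {name: {h.lower() for h in re.findall(r"\b[0-9a-fA-F]{%d}\b" % n, text)}
            for name, n in HEX.items()}
    iocs["filenames"] = {f.lower() for f in EXE_RE.findall(text)}
    parts = SECTION_RE.split(text)                 # [pre, name, body, name, body, ...]
    sections = dict(zip(parts[1::2], parts[2::2]))
    reg = sections.get("Registry Key IOCs", "")
    iocs["registry"] = [k.strip() for k in re.split(r"\s+(?=HKEY_)", reg) if k.strip()]
    return iocs


def hash_file(path):
    """Compute md5/sha1/sha256 of a file in one pass."""
    digests = {n: hashlib.new(n) for n in HEX}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            for d in digests.values():
                d.update(chunk)
    return {n: d.hexdigest() for n, d in digests.items()}


def scan_directory(root, iocs):
    """Walk root and return one hit per matching indicator (digest or basename)."""
    hits = []
    for dirpath, _, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            digests = hash_file(path)
            reasons = [n for n in HEX if digests[n] in iocs[n]]
            if name.lower() in iocs["filenames"]:
                reasons.append("filename")
            for reason in reasons:
                hits.append({"path": path, "reason": reason, "sha256": digests["sha256"]})
    return hits


def demo():
    """Constructed lab run: a decoy named like the dropped driver, a file whose
    digest we add to the set to simulate a hash hit, and a benign file."""
    iocs = parse_ioc_report(REPORT)
    with tempfile.TemporaryDirectory() as tmp:
        with open(os.path.join(tmp, "elrawdsk.sys"), "wb") as fh:
            fh.write(b"constructed placeholder, not the real driver\n")
        payload = b"constructed stand-in for the sample body\n"
        with open(os.path.join(tmp, "update.bin"), "wb") as fh:
            fh.write(payload)
        with open(os.path.join(tmp, "readme.txt"), "wb") as fh:
            fh.write(b"benign\n")
        iocs["sha256"].add(hashlib.sha256(payload).hexdigest())  # simulated hit
        return scan_directory(tmp, iocs)


if __name__ == "__main__":
    for hit in demo():
        print(hit["reason"], hit["path"], hit["sha256"])
```

Matching on basename is deliberately reported separately from matching on a digest: a filename hit is a lead to triage, a digest hit is the sample. Point scan_directory at a collected triage image or a mounted volume; the SSDEEP values are left out because fuzzy matching needs the ssdeep library, which is not assumed here.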