General
-
Target
5a292573900ffb7c502ba2af83faf97e5c3067585cfe757007c5163a406421f8
-
Size
166KB
-
Sample
191212-bvfwwlnwde
-
MD5
dc94e569e67e34bad59280fa769ede88
-
SHA1
b683559ab8fc7827a59d611fed6efeff717a8033
-
SHA256
5a292573900ffb7c502ba2af83faf97e5c3067585cfe757007c5163a406421f8
-
SHA512
7cedeaba04dc499b2b275fb948fd02a17eaa9be051690d35ad17cf9ee8b36569ecf228f2b8bcf96730f47e4b02231cb97f29e5fdbbe9027f6e1a13ff00406ca1
Malware Config
Extracted
http://acqua.solarcytec.com/rtsbgs/XiWmtYYur/
https://blog.learncy.net/wp-admin/user/oxZqQp/
http://hospitalsanrafael.ainimedina.com/wp-includes/vwf-i8ge-4445917/
https://sg771.kwikfunnels.com/phpmyadmin_bck/x9tfn-lv1h4-174129596/
http://www.siyinjichangjia.com/wp-content/WYszsP/
Targets
-
-
Target
5a292573900ffb7c502ba2af83faf97e5c3067585cfe757007c5163a406421f8
Score
8/10
-
Executes dropped EXE
-
Checks system information in the registry
System information is often read in order to detect sandboxing environments.
-