General
-
Target
81968bd2f3aba5dabe1fa57e078665bbb12af3f779b3bb015b03c90ce2feb3b0
-
Size
175KB
-
Sample
191212-ehbrfgkwea
-
MD5
42984e712380504db01c43b1627df2b3
-
SHA1
55fff5adb0e06f7249d8b3eef40f5c339c6ccbdc
-
SHA256
81968bd2f3aba5dabe1fa57e078665bbb12af3f779b3bb015b03c90ce2feb3b0
-
SHA512
c6fafcee4eaee30529ae103083577eaa0d69c1c505ec06320f48b602157ffb571b63dedddeee08ddb6b82e1197f4618f89b8ca956a84849b683ea9f41b22fff8
Malware Config
Extracted
http://polandpresents.info/libraries/65284EU/
http://nbnglobalhk.com/cgi-bin/32n2/
http://armgroup101.com/Old1/cpfa/
https://pasadenacf.org/wp-content-orig/akzk9i/
http://armanchemical.com/wp-content/9Bg1ybsr/
Targets
-
Target
81968bd2f3aba5dabe1fa57e078665bbb12af3f779b3bb015b03c90ce2feb3b0
-
Score
8/10
-
Executes dropped EXE
-
Checks system information in the registry
System information is often read in order to detect sandboxing environments.
-