General
Target: f0ba68612d778e67d2b1beca47c61be58753bd517660d99476481f3e548cfe50
Size: 178KB
Sample: 191213-61416bndde
MD5: b18161125c630e5fe591205d07c8aa93
SHA1: 2af46436b598051c55ab6a48055d3c7f41c86285
SHA256: f0ba68612d778e67d2b1beca47c61be58753bd517660d99476481f3e548cfe50
SHA512: ff1591fc892ed123ffd759bf7f6828b132b84e66cb862707903a379115eb443ee75cc2f4843aa8bbd9303e635cffb3ce3ca534b463ed8b69d2d7994f6a167f49
Malware Config
Extracted
http://birdlandonetoone.com/blogs/xth90m/
http://generalpro.com/_private/a/
http://kuznetsov.ca/thumbs/y/
http://horal.sk/2016/YO/
http://indrikov.com/in_velox_libertas/bj/
Targets
Score: 8/10
Executes dropped EXE
Checks system information in the registry
System information is often read in order to detect sandboxing environments.