General
Target: 2045e9523d88e136848364cffe66aaa35ed9ebf0a14393dc08b649b053cf872d
Size: 180KB
Sample: 191213-h57lb5h5gn
MD5: c7952d6dd6e24858f4d2519d9e37a7d9
SHA1: 4e7a70c53038602ca6d7e992304c3b90dbd184f5
SHA256: 2045e9523d88e136848364cffe66aaa35ed9ebf0a14393dc08b649b053cf872d
SHA512: 7115730dca863e9bcc03e8e6b68b94a9c119805b6f6acf9512eec907eaa05d4afc6f28b93c39022baf7ed1f024953059f2f69b2cc68854c3e280f3385805bd70
Malware Config
Extracted
http://birdlandonetoone.com/blogs/xth90m/
http://generalpro.com/_private/a/
http://kuznetsov.ca/thumbs/y/
http://horal.sk/2016/YO/
http://indrikov.com/in_velox_libertas/bj/
Targets
Target: 2045e9523d88e136848364cffe66aaa35ed9ebf0a14393dc08b649b053cf872d
Score: 8/10
Executes dropped EXE
Checks system information in the registry
System information is often read in order to detect sandboxing environments.