General
Target: Valerie Installation.exe
Size: 63.0MB
Sample: 201123-x78b7vbp8n
MD5: 281cc8d716c551b4897ffe9a4caad106
SHA1: db97ccf50d9679fd7f5e5f084aa0ca9a9b7504e5
SHA256: 51248880da0996411594216f9a35677da5c5d294d7e1d100c610587c3bbe3fdc
SHA512: c8c6e44175d0862b296f3ca745db606f8d6e9d5d1f6181725e17fb1227957e16a0b220e6b2d40a135aca04a654e8431dee0fed722285daa629ab037642ab05ab
Static task: static1
Behavioral task: behavioral1
Sample: Valerie Installation.exe
Resource: win7v20201028
Malware Config
Targets
Target: Valerie Installation.exe
Score: 8/10

Executes dropped EXE

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Loads dropped DLL

Adds Run key to start application

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.

JavaScript code in executable