General
-
Target
Rambox-0.7.9-win.exe
-
Size
112.3MB
-
Sample
211019-rdvttsgghm
-
MD5
d3b36737818f47270c788fae167446d2
-
SHA1
5a5e09c9365325ac640ada70e97d060d8984360c
-
SHA256
2aa345f263242d17215171ee9355dbe4f73096f29a76c23adfd272f6fe659649
-
SHA512
fe080ee14053a2e9cbb092b2bf9eace7e471ed357653ef776662d8d4f95da8cdc9cfa2ba872e5142ed47b4a49a48d4220cd6a126766f100789fe7e00e5f5eb48
Static task
static1
Behavioral task
behavioral1
Sample
Rambox-0.7.9-win.exe
Resource
win11
Behavioral task
behavioral2
Sample
Rambox-0.7.9-win.exe
Resource
win10-en-20210920
Malware Config
Targets
-
Target
Rambox-0.7.9-win.exe
-
Score
8/10
-
Executes dropped EXE
-
Sets service image path in registry
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-