General
Target
IObit Uninstaller Pro v10.5.0.5.exe
Size
32.0MB
Sample
211106-ymyqeacgdk
MD5
afffb3c96899e7cc3e1d4e547d101394
SHA1
51c070c4c1095b6ffb601f2d45a393f8af8b1f33
SHA256
bd5efafb31550214f9588a562412ded45af9a99f064f82064ea5a4bc36452c2f
SHA512
70027aa9b13d88d1d22fb43f218332600554d2773b47bf1c54ee86974b299193dc5bfa377f7c600c340e56a5666c38026a955ea1f5b00fd86ee1345a0265f70b
Static task
static1
Behavioral task
behavioral1
Sample
6CF4B6522A9B9347E710E3AFD9D1DB5202E874744FC207D4E5095E9CDBD1C535.exe
Resource
win7-en-20211104
Behavioral task
behavioral2
Sample
6CF4B6522A9B9347E710E3AFD9D1DB5202E874744FC207D4E5095E9CDBD1C535.exe
Resource
win10-en-20211014
Malware Config
Targets
Target
6CF4B6522A9B9347E710E3AFD9D1DB5202E874744FC207D4E5095E9CDBD1C535
Size
32.1MB
MD5
b633c33ad74bb991eb68841ddc31f688
SHA1
2ad0efd89c521e9895f3664c60f1937b3f503c24
SHA256
6cf4b6522a9b9347e710e3afd9d1db5202e874744fc207d4e5095e9cdbd1c535
SHA512
4bd519886d5ee0d0a56ee4546850802865b5e4660ce8b2a79619d043c913a7eb56f7e286c541b9b7a9ab0bb84c44b45299a9de0e37e2f871d499c83aff5b63c3
Score
10/10

Modifies system executable filetype association

Registers COM server for autorun

Downloads MZ/PE file

Executes dropped EXE

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Loads dropped DLL

Checks for any installed AV software in registry

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.

Drops desktop.ini file(s)

Drops file in System32 directory

Suspicious use of NtSetInformationThreadHideFromDebugger