General
Target: 08dc4be16b35146df19463ee09c2b5f7.exe
Size: 1.5MB
Sample: 211126-l4hdjafab2
MD5: 08dc4be16b35146df19463ee09c2b5f7
SHA1: 87e9d4c9cd4ad30e944edb9afc8c9cb8134dfe65
SHA256: 7e96ab55efa05c82a93d5acd59dca542dce7c9e49ea383e4b17f9da81d2b3cd8
SHA512: 351c51df4aeefe086db310f65148d9254240cd4238f5c0bbcd851376d2e2a3b432103373428be8c8733981c79123969a39585e0f88a199350351d342e8d6549f
Static task: static1
Behavioral task: behavioral1
Sample: 08dc4be16b35146df19463ee09c2b5f7.exe
Resource: win7-en-20211104
Malware Config
Extracted
socelars
http://www.ecgbg.com/
Targets
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.

Legitimate hosting services abused for malware hosting/C2

Looks up geolocation information via web service
Uses a legitimate geolocation service to find the infected system's geolocation info.