General
Target: e49dd2c1543e2548c419dbdf462e9242.exe
Size: 1.5MB
Sample: 211217-matedaebhr
MD5: e49dd2c1543e2548c419dbdf462e9242
SHA1: 593b6fdede7440648d432018f82dd1afdee43d9a
SHA256: 9256803a391489bbc1c5d71f032385fc85d9826f145c5bb90407ff8c541ebf40
SHA512: bdfc2859308d24d395337f2a712d4363d6c62f871ba7f62114408d42107beeadd7bc43585dbbf18b8b876b3e0c49ebb031cb6db944c25cc4e61386dac69a3ceb
Static task: static1
Behavioral task: behavioral1
Sample: e49dd2c1543e2548c419dbdf462e9242.exe
Resource: win7-en-20211208
Malware Config
Extracted
socelars
http://www.biohazardgraphics.com/
Targets
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.

Legitimate hosting services abused for malware hosting/C2

Looks up geolocation information via web service
Uses a legitimate geolocation service to find the infected system's geolocation info.