General
Target: 8e5cfa52dd1c6152e1c639dc074c6631.exe
Size: 1.4MB
Sample: 211220-hx8elaafgl
MD5: 8e5cfa52dd1c6152e1c639dc074c6631
SHA1: 5852bec0110934c4b157e336b434163b259f5b7e
SHA256: 348b7406ac9aa4f7032767e9d4d8ec62c2d77754dc0a821c0c1f063c740f4045
SHA512: 698d9dcedd46dcacf4599c8c5a8c04c5e4d9f7ccb310af69b76cc647e6a8896a5804efd3e5de88f57ffe489570a85ccbb819542e05c3d6dc33d954656ed4345c
Static task: static1
Behavioral task: behavioral1
Sample: 8e5cfa52dd1c6152e1c639dc074c6631.exe
Resource: win7-en-20211208
Malware Config
Extracted
socelars
http://www.biohazardgraphics.com/
Targets
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.

Legitimate hosting services abused for malware hosting/C2

Looks up geolocation information via web service
Uses a legitimate geolocation service to find the infected system's geolocation info.