General
-
Target
SecuriteInfo.com.Variant.Ursu.936368.26254.27014
-
Size
3.8MB
-
Sample
220822-c2fmgscdf9
-
MD5
d1b586770ba96cc84263f0d57528c7d3
-
SHA1
dd68478ad1dc3ce4b097e189a7a7ef2535c18f3b
-
SHA256
b88e6f01d21c1b53829821e235cadac0553258a12521865acbd99d03b7b551a1
-
SHA512
0264ad585290ffea98043c57c190fdf02611bb9c2a26c852d0e58195bcc4d13fc7ec74c865bb3fa56f8f89d344c8632c4eb0b0a4a4f7f7c089d1f1cc290fdf44
-
SSDEEP
98304:Th8I5Rmg0phI7SRhGfj+HGjamWen0nuIjt1glI5OAfmP/SA8Z:TOaqaSRO+HGj+en0tg2kymnShZ
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Variant.Ursu.936368.26254.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Variant.Ursu.936368.26254.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
kutaki
http://ojorobia.club/laptop/laptop.php
http://terebinnahicc.club/sec/kool.txt
Targets
Target
SecuriteInfo.com.Variant.Ursu.936368.26254.27014
-
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-