General
-
Target
fc708c22acda37fb50cea6d603cb794852d8311349970461b178ff66dedccc0b.zip
-
Size
5.1MB
-
Sample
221128-kwtadsbc49
-
MD5
fc8757b16f660c77a9323dc58f658fb9
-
SHA1
5efbae311ad62c256ed27cacfd16cc8846934811
-
SHA256
f8f1e16fa231b9deaea47439dfca1c625296bc09be9c476b3f7b29694bd49a82
-
SHA512
8e616c34e9377dfcb3812b716ce5c7d9ff74120c4c4e79d2e034803e98371ecb83d84ca2b4c016e158766cfce125a250b177ebac1624d70868d7d9b5f845ea37
-
SSDEEP
98304:zmFcRu80U650Ic29SwW3CnNOFhiCx78z9strZeAvkyfRXHIMJt+mLOQKb5V:zmFDf50I6wW3CNSt7F19tfBdVgT
Static task
static1
Behavioral task
behavioral1
Sample
fc708c22acda37fb50cea6d603cb794852d8311349970461b178ff66dedccc0b.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
fc708c22acda37fb50cea6d603cb794852d8311349970461b178ff66dedccc0b.exe
Resource
win10v2004-20220901-en
Malware Config
Targets
-
Target
fc708c22acda37fb50cea6d603cb794852d8311349970461b178ff66dedccc0b
-
Size
5.2MB
-
MD5
cbe30f7bff71640a9c3421adb13e5e82
-
SHA1
0fb009f9cc8a82c31f31a78f5ed11bd84cec97b3
-
SHA256
fc708c22acda37fb50cea6d603cb794852d8311349970461b178ff66dedccc0b
-
SHA512
78d01135904927bf8db93801231d7b3ac1f5788af02338d43def15ac183bdebe078d2ff04265a01ce608a79d9535e08778ed332d1c9237d15a64ae59b25b1fe5
-
SSDEEP
98304:09ENOVKAD83t83o4HtaADJIItAte0exO7baEv3JSew4HqetOXfacKq:ZNxY3o4Z0eCWO3oewiKXfJ
Score
10/10
-
PrivateLoader
PrivateLoader is a downloader sold as a pay-per-install malware distribution service.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Drops file in System32 directory
-