General
Target: musconv.exe
Size: 156.2MB
Sample: 221222-cl33vadg32
MD5: ffa234b96b8451250f232b65103ba466
SHA1: 2a7a02aca9e8418dfe0125f590b952f714ebe72f
SHA256: d52b0bb766f8489d06d67519c602f68ffae98a7fef68cc24fef28c66bb3f2194
SHA512: ba7a5015fb2530f714308afc53a4f905b76d16f054ff38bd1c8d8df6998f3c261ef285fdd754bc8a9838fc2b715b28e0c58c2247deb9f3110cc4d7e793c2201b
SSDEEP: 3145728:0CEY9VbCxcySzHaOfbCiefT0XPwkZ5Bv16pAkUHzeq6Pn2t+b5rB:19VbCxcy0b8TMwQn6pAtyP75r
Static task: static1
Behavioral task: behavioral1
  Sample: musconv.exe
  Resource: win7-20221111-en
Behavioral task: behavioral2
  Sample: musconv.exe
  Resource: win10v2004-20221111-en
Malware Config
Targets
Target: musconv.exe
Score: 10/10
CoreEntity .NET Packer
A .NET packer called CoreEntity that embeds the payload as a Bitmap object, which is later decrypted.

Executes dropped EXE

Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.

Loads dropped DLL

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.