General
-
Target
Windows 7 IconPack By 2013Windows8.1.exe
-
Size
15.2MB
-
Sample
230124-v4kckach36
-
MD5
d54c644994f501358b6074a0ce2f331b
-
SHA1
863d56e70d675eab6e83909fb587ad9e802bcce2
-
SHA256
24a7869b1b222cc2eae561421b7f0c83048ca4c157d44718102a3e674a412e99
-
SHA512
404910ea4caad2d05d9a2292b62d46355d98fb9c9577c4fc5838c6507deb84aabde02ec6557fa36d25ce4829322ef8da315f2573268117da07490bee49f51d7a
-
SSDEEP
393216:sCBY2ekC/ialj+VaCVeNnCrPYFjvnfIlclildwvki/rsJwN1N:p7+iat+4CkNCEF7fIlldwPrsaTN
Behavioral task
behavioral1
Sample
Windows 7 IconPack By 2013Windows8.1.exe
Resource
win10v2004-20220812-es
Behavioral task
behavioral2
Sample
out.exe
Resource
win10v2004-20221111-es
Malware Config
Targets
Target
Windows 7 IconPack By 2013Windows8.1.exe
Score 8/10
Executes dropped EXE
-
Modifies Installed Components in the registry
-
Possible privilege escalation attempt
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Modifies file permissions
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Target
out.upx
-
Size
201KB
-
MD5
4b22852505b33e9b2d221c310da55f77
-
SHA1
8d681ec5491fcfd93f2b2bba28faf41c42bf55f1
-
SHA256
0e78c55277fee0b768c3f890de427c35edd49367a2de0ae9ee1d11c0719145d8
-
SHA512
3df7c7d3ee8b513f9909ba269cef08398a5364c92d8e30894eb5b99c011e55e744f335bd0e34cdcf50db3e1194691f076dbb161e0e8d1374b13920ab56fe6f73
-
SSDEEP
6144:+vlAkAsl3DR2+Mq9ing3vRqHnzf3puuc3:Zk5L2FqpvRQzf3puuc3
Score 1/10