General
Target: Auto_Forge_and_mod_downloader.zip
Size: 6.9MB
Sample: 230204-2bbnaaab91
MD5: 698c57d58452a4072c86afbdc9403841
SHA1: 2edeb2c64b894ffbe52a9fc31d5cd40ccdd29954
SHA256: 3c4ca8b2f94f0c445cb5b9337b199e298b547ae9567178327ba886ebb9047f8b
SHA512: ed59f1e68bf8c6c0b9bcf9c39483733b54e662bc23857f2ab4a91ea438d8f264cdbb4f3fbd8fd9a2362c1270477e8661e48c171e43444618ff6d446837a47f20
SSDEEP: 196608:Df0ZdAmIIp4zgOYAGv01Nni4TNvPRWPI1X:DfwdAyCxqv6NXvPEgX
Behavioral task: behavioral1
Sample: Auto Forge and mod downloader.exe
Resource: win7-20221111-en
Malware Config
Targets
Target: Auto Forge and mod downloader.exe
Size: 7.0MB
MD5: 9805f2e2c5d2dfb27f9435f4f6efd3dd
SHA1: 5a2a2735e72cd2a8a1e6eff977bb622452bca4fc
SHA256: a27b9580607ca860dc78c19450cf06b0c66c0a3b8b36334909112fa6c275317e
SHA512: f0056a15b6f16ed781e5c03d3e48ac1e5e29cc710a4d39e6fd84d6a66afa9f3ddaa0c67bc60ee37b44ad0768caf61bacaff08c608a0622a990cec81905c8b69f
SSDEEP: 196608:Mplk5be+eNOx+yAiWfGHpdoGXgktifyDE:ulIbeBQ7QfWpSktiEE
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.