General
-
Target
ultdata-android.exe
-
Size
2.1MB
-
Sample
230208-djah7agd3z
-
MD5
fdb3d5a897b8f1d0330b1486cf14a7a0
-
SHA1
4e513d885a325ec098bf24c6c8cb840f5c2e0fe7
-
SHA256
9177f4ea7d98bf6d047fe3a871fa7ce78432bb8644aa7b0d4f94c08313e27956
-
SHA512
3cc9cc1cf35c60a046a55614215b12fbb01ddf06fd50db7d39f683d166ac14901b9fc33536e6a6a72db5b5e314dacf35a1b5389bdbf315b1c7b89b40dd7af07a
-
SSDEEP
49152:RBrmqX5EIZ1h+Fyamj4NIyH1HWS4cxX8Q/UEOZaAMnQ:RA+EG7tZDS408QMaAD
Malware Config
Targets
-
-
Target
ultdata-android.exe
-
Size
2.1MB
-
MD5
fdb3d5a897b8f1d0330b1486cf14a7a0
-
SHA1
4e513d885a325ec098bf24c6c8cb840f5c2e0fe7
-
SHA256
9177f4ea7d98bf6d047fe3a871fa7ce78432bb8644aa7b0d4f94c08313e27956
-
SHA512
3cc9cc1cf35c60a046a55614215b12fbb01ddf06fd50db7d39f683d166ac14901b9fc33536e6a6a72db5b5e314dacf35a1b5389bdbf315b1c7b89b40dd7af07a
-
SSDEEP
49152:RBrmqX5EIZ1h+Fyamj4NIyH1HWS4cxX8Q/UEOZaAMnQ:RA+EG7tZDS408QMaAD
Score7/10-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
-
-
Target
out.upx
-
Size
3.7MB
-
MD5
7afc66f3f5d7678f57460c6677983741
-
SHA1
aeb1e527dfdef06697c624fed0a610d0ccd5c5a2
-
SHA256
007a99df84c7af7732bbb4d3788ab0b26059e584e234d4b0f2dd433069aefc1a
-
SHA512
229eb7c9d28244defe777884928479eabb45431e1fc95fa171a2d3cd1871dc67b8d1c0569c068c0fe9dbb2d3ee5147e2081aa4cb720d4ac193fa263257b090a1
-
SSDEEP
49152:o8IIj/IjqrKUn+EhBJWJ71TpBu9TSwfCZWaPfUnUQUPEncMQ8:o8IIj/IjqT/By1TpBulfC06D8
Score1/10 -