General
- Target: hidemyip.exe
- Size: 5.2MB
- Sample: 230215-zjvp1sdg4y
- MD5: 977d272af1a1f2d968ebb00e82c9eecd
- SHA1: 4ef47b68004380df44356ab79faad3610d88730f
- SHA256: f61bc09e2686c52ea44b49498ecd4f292c4feb65ae131bd96bea1d569e9c5959
- SHA512: c9506a21050bc74bb88f195d1c1f715b6a6894a0cdd8964cae9c19dd0bdfeaed0d5b3d7fec30c1c77fabd97cd2eb43cf8394c3823153e847e6334f879d894986
- SSDEEP: 98304:Pr3ED9PrtDAgfNxVe5BmZJtskn0ZvBp3jaxDZ1VrQOqE2euzhMMuGbuIcFvG:SphfLV6IbnaBpGxdlq7euzhMMLcRG
- Static task: static1
- Behavioral task: behavioral1 (Sample: hidemyip.exe, Resource: win10-20220812-en)
- Behavioral task: behavioral2 (Sample: hidemyip.exe, Resource: win10v2004-20221111-en)
Malware Config
Targets
- Target: hidemyip.exe
Score: 8/10
- Modifies Windows Firewall
- Stops running service(s)
- Executes dropped EXE
- Loads dropped DLL
- Modifies file permissions
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
- Drops file in System32 directory