General
-
Target
33877b8884cf90087c656b31329e41e1.exe
-
Size
1.7MB
-
Sample
230220-27y4fsch65
-
MD5
33877b8884cf90087c656b31329e41e1
-
SHA1
52b056b754639d8eb0262d9ca4f73120cad556a1
-
SHA256
e652030ce495ca211f8556f7ed80ef7d87cb52c3c5e1fb810a83e3903b05fd6f
-
SHA512
c08a4cb57c4c69f63c58df2ed8c3ff18fe99d4bb230f0b4608a074bac54e5a4519a8583a906b293aca71c8140576af9906033214b5e44b81b7ce778dd47cfe3f
-
SSDEEP
49152:7ql3+9C105dOZp76JFx15JwBdQT9lniLbTmwNZ304E:7ql3m405Yr76JNHwBuUT5Z3I
Malware Config
Targets
-
-
Target
33877b8884cf90087c656b31329e41e1.exe
-
Size
1.7MB
-
MD5
33877b8884cf90087c656b31329e41e1
-
SHA1
52b056b754639d8eb0262d9ca4f73120cad556a1
-
SHA256
e652030ce495ca211f8556f7ed80ef7d87cb52c3c5e1fb810a83e3903b05fd6f
-
SHA512
c08a4cb57c4c69f63c58df2ed8c3ff18fe99d4bb230f0b4608a074bac54e5a4519a8583a906b293aca71c8140576af9906033214b5e44b81b7ce778dd47cfe3f
-
SSDEEP
49152:7ql3+9C105dOZp76JFx15JwBdQT9lniLbTmwNZ304E:7ql3m405Yr76JNHwBuUT5Z3I
Score9/10-
CoreEntity .NET Packer
A .NET packer called CoreEntity where it has embedded the payload as a BitMap object which is later decrypted.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-