General
Target: adobe.exe
Size: 475.6MB
Sample: 230313-k2s7ksbe9x
MD5: 3450e33a31a58590b7b0f76d95f1c15b
SHA1: ee672c96f12484c3dae64fd964a4427b3cc6565b
SHA256: 2ba9e1fa5bac1c4ff40a3d1301e730cff2007f7bbec73997b60b679c46f304de
SHA512: fa3558fce1eb2549586477f080ed3f1dcc730c6d30eb9fc10c1a9b7c67ab8c906f245618855711fa26ed41216a8863f348d75af24fe8dbf5783508ac5013efa7
SSDEEP: 49152:ZC6nMrcpEgloAXxQ8+vHe1NkQLUEHgnpY:ZNBjloAhR+/m+Ugn
Static task
static1
Malware Config
Extracted
systembc
45.138.74.200:4001
212.8.244.5:4001
Targets
Target: adobe.exe
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-