General
-
Target
PSNStuff-Database-Hola-Browser-Setup-Inst-Agreed-C-Mmdb2.exe
-
Size
1.4MB
-
Sample
230314-x5ejtabc7z
-
MD5
7f5ff592b91e28a827303ad81a381f35
-
SHA1
2f840eda2b3e0c409b3dbd00fcdc68565f861162
-
SHA256
5b3419ae552d690414c96c0c984bdc4236e4d8c33c2aad61b796ed9ba734a594
-
SHA512
311c86d47fbd7b2e078aa4c6d5d8a8c3feaabcceb360e56cf82c7e5a3c42107c1c9fbddfd1b9b7e602811869e881b82edf03a68ac3ae64061aafcb70db95cfe9
-
SSDEEP
24576:gHp+nUL+L8m657w6ZBLmkitKqBCjC0PDgM5A4woG4O:gH/yVV1BCjBkZ
Malware Config
Targets
-
-
Target
PSNStuff-Database-Hola-Browser-Setup-Inst-Agreed-C-Mmdb2.exe
-
Size
1.4MB
-
MD5
7f5ff592b91e28a827303ad81a381f35
-
SHA1
2f840eda2b3e0c409b3dbd00fcdc68565f861162
-
SHA256
5b3419ae552d690414c96c0c984bdc4236e4d8c33c2aad61b796ed9ba734a594
-
SHA512
311c86d47fbd7b2e078aa4c6d5d8a8c3feaabcceb360e56cf82c7e5a3c42107c1c9fbddfd1b9b7e602811869e881b82edf03a68ac3ae64061aafcb70db95cfe9
-
SSDEEP
24576:gHp+nUL+L8m657w6ZBLmkitKqBCjC0PDgM5A4woG4O:gH/yVV1BCjBkZ
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-