General
-
Target
Lark-win32_ia32-6.0.6-signed.exe
-
Size
210.9MB
-
Sample
230331-y946psee61
-
MD5
755e36e52e4c324bdf1a962614d54c40
-
SHA1
c9acaa99cd3e23f2e01a2122188ed3751f17bac5
-
SHA256
d96b7f1321f151c7fe1d3f66d650a574b688ce5e5e6bbc131d307f91c2d70775
-
SHA512
698032e8e77ee20e59517ac0d5aacb9385dee7ef99fa7101d5375d3d5a167103e8c4c1b4246f6eacaf59a8a8d93db552bc99530ba653ef089bd8df68d6f2e7f3
-
SSDEEP
6291456:FAVjRpHi7GnMqP6pNYTw1rZt+kXVLlWvsRUM13:FAhRE7GnGictg4pWM13
Malware Config
Targets
-
-
Target
Lark-win32_ia32-6.0.6-signed.exe
-
Size
210.9MB
-
MD5
755e36e52e4c324bdf1a962614d54c40
-
SHA1
c9acaa99cd3e23f2e01a2122188ed3751f17bac5
-
SHA256
d96b7f1321f151c7fe1d3f66d650a574b688ce5e5e6bbc131d307f91c2d70775
-
SHA512
698032e8e77ee20e59517ac0d5aacb9385dee7ef99fa7101d5375d3d5a167103e8c4c1b4246f6eacaf59a8a8d93db552bc99530ba653ef089bd8df68d6f2e7f3
-
SSDEEP
6291456:FAVjRpHi7GnMqP6pNYTw1rZt+kXVLlWvsRUM13:FAhRE7GnGictg4pWM13
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-