General
-
Target
karta_UIlijhNa.exe
-
Size
3.7MB
-
Sample
230410-sr8taafh4x
-
MD5
cc708eb42b9645c82b27589285266b2e
-
SHA1
3bafdae3309703dfe5e3901330f3b78e2480de98
-
SHA256
b67e317d93ff80dffe210a1a77b4608127594b6beac4ecc73b9a6d89ffd95b5f
-
SHA512
2cfe5a67df789b7da4e4e909d39fa4781bb2532393a226fed1e439702a3d326196eb799d1f8aa40e805705636159fb58c2962ff4daae226e94a4fd1305fcb9a1
-
SSDEEP
98304:EYt7YOxhQYGg3lBfiCTNI7tfIglnEZRQJrA2W2n3XcL:xtjx5FlTOdE0Ef23XcL
Static task
static1
Behavioral task
behavioral1
Sample
karta_UIlijhNa.exe
Resource
win7-20230220-en
Malware Config
Extracted
gcleaner
85.31.45.39
85.31.45.250
85.31.45.251
85.31.45.88
Targets
-
-
Target
karta_UIlijhNa.exe
-
Downloads MZ/PE file
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks for any installed AV software in registry
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-