General
Target: PacketsHub_Installer.exe
Size: 3.1MB
Sample: 230424-1472hseh22
MD5: 10987a206470bc3a20a292e1bd925034
SHA1: 0ad43d150fcd11aa5e8a9ea5bd57b4229327fe42
SHA256: f0123e5befdbf3ec251f956c9c0515cf5888f976d83c54c72464344b99fc18c9
SHA512: 78766a06c8f6fad905776394d646a8ff90e46766b5c617f0f0dd56109a58686a9184ebdee9773377e3b91b0711eef6f3eff998881442af5d3c5b0ab81112aaed
SSDEEP: 49152:EsWZjafnyOqjcD9qUohmMzzn1CBNOQF/t6KHJl0xLMwzUs:LraOWcD9XdMPABIw/t6KHDiAwzUs
Static task
static1
Malware Config
Targets
Target
PacketsHub_Installer.exe
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.

Executes dropped EXE

Loads dropped DLL

Legitimate hosting services abused for malware hosting/C2