General
Target: b9a8daac90993d6759cd99ff322b1c67.exe
Size: 4.5MB
Sample: 230504-y5xwtsfa27
MD5: b9a8daac90993d6759cd99ff322b1c67
SHA1: 189c38dd976accb24c99b04d1d3ed8f082993638
SHA256: 3d7299a0ffa6067676f8b49b6fbd85d32a9b9597355712b293e2a94ad4a362b5
SHA512: 486f4f894488f5bc9c383ad05d66af6ea4557cda11fe2f34b1abc8444674fb1437635b2d09f3597db4c79708d116bdefd3d2ef168c9426f471ea62159bca0d61
SSDEEP: 98304:2GgIlPKNT8aXeHEl/60qSAHbCej1j7eLdFZ:2GzoT82+VSA74dF
Behavioral task: behavioral1
Sample: b9a8daac90993d6759cd99ff322b1c67.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: b9a8daac90993d6759cd99ff322b1c67.exe
Resource: win10v2004-20230220-en
Malware Config
Targets
Score: 10/10

PrivateLoader
PrivateLoader is a downloader sold as a pay-per-install malware distribution service.

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.

Drops file in System32 directory