General
-
Target
CustomRP.1.17.8.exe
-
Size
4.9MB
-
Sample
230603-kev3nage3s
-
MD5
de72285902e7a019a0f51f19e4e86d2e
-
SHA1
57831c59b753fa020ab53135d8a86f6d95e41667
-
SHA256
cea3a9f2349a4986e2a5423867aa74b2d9fa178395730513e8106d39e523eeab
-
SHA512
e7542904fc6e02e36371fe94ffa44563d0ff3eef28e2659edf0eab8a0e38f6043ae4d5122cb61687f118c912d848c817f2152bd76632ae5458f76feea26d26f8
-
SSDEEP
98304:AkLPuTOMbK5fKO1hIrnPu52mLetEgna3301cCBA:fPuxbKNKO1SW0tKgna33ZCBA
Static task
static1
Malware Config
Targets
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-