General
-
Target
HA CRYPTO V1.0.rar
-
Size
1.0MB
-
Sample
230605-xlytcaac27
-
MD5
bec3b7a52216b70e19d784f4394b025c
-
SHA1
0943ab073e6708566f8a329b175c220b3752473b
-
SHA256
4d32ae50150b702a44210415c4dfd4db7cc990ff482662a664224140f49050de
-
SHA512
6a26a549d019f128c8e8f9e0f375112f625552f4c37a9df181e5c5ebb9d8f729c5b4f9e9d8983a49957713ae4ec61b748b29c97ab790ff80dfb4235e56acabb7
-
SSDEEP
24576:8I92GlbI7/kxlezSIICMjvURwSH2RLuYiqdvv49L+PsBt522:8I92Gi7WtIICMj4h+utkvScq22
Malware Config
Targets
-
-
Target
HA CRYPTO V1.0/HA CRYPTO V1.0.exe
-
Size
214KB
-
MD5
e6e477a66679ae79c895d2feb33cffc4
-
SHA1
3644b76b669d90ea99d68f4b8a9c3c72a8a7ae04
-
SHA256
89e7bcd5d477af3ae6dd5aaeb3203e731fb5b4b3de535a428f046e93b56bb258
-
SHA512
6766a50ccb52d2bacefb4db022418e785ebc9737952b6176a210a35148766b0bf20a14ea8564a625ef587d1b1ef93495639f4792aa335827fc7b6ef28ce137a0
-
SSDEEP
1536:34lLePESP2Wh3ydtORH4nczOv4RZFrBvDukGIIH5oEJMz:34lLcOWhUttnB4xBvDupIIZlMz
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Executes dropped EXE
-
Adds Run key to start application
-
-
-
Target
HA CRYPTO V1.0/OpenCL/Ionic.Zip.dll
-
Size
480KB
-
MD5
f6933bf7cee0fd6c80cdf207ff15a523
-
SHA1
039eeb1169e1defe387c7d4ca4021bce9d11786d
-
SHA256
17bb0c9be45289a2be56a5f5a68ec9891d7792b886e0054bc86d57fe84d01c89
-
SHA512
88675512daa41e17ce4daf6ca764ccb17cd9633a7c2b7545875089cae60f6918909a947f3b1692d16ec5fa209e18e84bc0ff3594f72c3e677a6cca9f3a70b8d6
-
SSDEEP
6144:OhagC/Mq25o9sXGtSV41OJDsTDDVUMle6ZjxLV/kHu4Bht79I9:iagxWS4msNUCe65fkHdBf9
Score1/10 -
-
-
Target
HA CRYPTO V1.0/OpenCL/IronPython.SQLite.dll
-
Size
621KB
-
MD5
b7efbf654402c78226b8d69ad0011bbb
-
SHA1
52cc6c9a2a40339ec840cc599240f405e425da14
-
SHA256
5a6e2eda86e863e155f67cebef095355b7ea7b1dcd97d87e4058f0a5ac60d798
-
SHA512
496396a301eebc6504dbc57842920649d12dc239c47f81a06079aa8b18ff506545614be5a6f92334c4279eb99b57682cc8033fd99edaf28f041db619993be575
-
SSDEEP
12288:KmVPzrnoxe8/53HzsWzjF//HfKNhcPMeulFC05G:KmVPz4eq3wWHRPfKoclFV
Score1/10 -
-
-
Target
HA CRYPTO V1.0/OpenCL/Launcher.exe
-
Size
53KB
-
MD5
c6d4c881112022eb30725978ecd7c6ec
-
SHA1
ba4f96dc374195d873b3eebdb28b633d9a1c5bf5
-
SHA256
0d87b9b141a592711c52e7409ec64de3ab296cddc890be761d9af57cea381b32
-
SHA512
3bece10b65dfda69b6defbf50d067a59d1cd1db403547fdf28a4cbc87c4985a4636acfcff8300bd77fb91f2693084634d940a91517c33b5425258835ab990981
-
SSDEEP
768:FKtnBTTQi/YqMFlVt52ftDhKeoNzZq8OujxUu5XEAb4b9yvMzUV5:qBTUgYFveDRuFEAb4b99QV5
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Executes dropped EXE
-
Adds Run key to start application
-
-
-
Target
HA CRYPTO V1.0/OpenCL/ha.exe
-
Size
846KB
-
MD5
61cb5a96ddb3c1e9d4d076c7c04e1828
-
SHA1
85253945e91e7b713ce8ad7e7c30a10460bcbc6e
-
SHA256
667502bcf799a6d7941ad839ccbcf303477a140d0b8d9576dcd9c535e112860f
-
SHA512
6372160f218547898456733f5e170f10bdf6e6fc487e958ae68e170c1643d7fb982dcf26689d23d3297d0302d8906dcd34395dd327a42c2968f0f376651fe194
-
SSDEEP
12288:Jc325wPqaPq308o5M1io9SIaGgTpWPqaPqOPqj:rWyay3q58jSz/pWyayOyj
Score1/10 -
-
-
Target
HA CRYPTO V1.0/OpenCL/mfc100cht.dll
-
Size
36KB
-
MD5
61a56eb574daa6ceab692f98be3e5bb6
-
SHA1
b52aa36e1a2594fe0ac97ee0b867df822d223b76
-
SHA256
928f0528706576c2f7211e98462e87e03bfc14eb7a84ca3531f45ce1d9f080a3
-
SHA512
0b787be453e7d55b810e3075ab96e9f07a7f4a10d34c9082f17c26db0578a7199ddfccf1749c87c97541f9484908e59b1a237361b92123f98880dc5835173124
-
SSDEEP
384:m1cPmgt96DteT9X2IEI41W4WA1G/7kn4TJgUqJgM3KbgkE3H+iihZ2+10vq0GftC:muufpTVI4P+7kn4TJVM3i/EhK2iex
Score1/10 -
-
-
Target
HA CRYPTO V1.0/mfc100cht.dll
-
Size
36KB
-
MD5
61a56eb574daa6ceab692f98be3e5bb6
-
SHA1
b52aa36e1a2594fe0ac97ee0b867df822d223b76
-
SHA256
928f0528706576c2f7211e98462e87e03bfc14eb7a84ca3531f45ce1d9f080a3
-
SHA512
0b787be453e7d55b810e3075ab96e9f07a7f4a10d34c9082f17c26db0578a7199ddfccf1749c87c97541f9484908e59b1a237361b92123f98880dc5835173124
-
SSDEEP
384:m1cPmgt96DteT9X2IEI41W4WA1G/7kn4TJgUqJgM3KbgkE3H+iihZ2+10vq0GftC:muufpTVI4P+7kn4TJVM3i/EhK2iex
Score1/10 -