General
Target: File_NewInstall_4455_The_Pa$$word.rar
Size: 43.7MB
Sample: 230608-yqn1daaf7x
MD5: 160eaac54e56d9a3389b3dfae5104f13
SHA1: e5fa4cbc883ce0e68c7e299d0f5a2585eea306cb
SHA256: 307e88a3540c6f1a77764affc54feef9d3d1b9012b0c8d21641fa0ef3d7dea5e
SHA512: b9892e4e61e5878492f2fa1c9c9b2512027db2618fd7789a93c6033b2b02e2023587e40382480062e1dfb93dfc13b729ad58f27a3638d7d26f2167fe390cf677
SSDEEP: 786432:mgR1KyoaCRxll/yiHRQeumrTC9d6rsXBs2H36n8jAgUl6b5ww1h3Yvj:mgAaATllSIC/6rv+36nrleRFQ
Static task: static1
Behavioral task: behavioral1
Sample: installer_2023_35008_8kV-8J1.exe
Resource: win7-20230220-en
Malware Config
Targets
Target: installer_2023_35008_8kV-8J1.exe
Size: 29.6MB
MD5: dae330ba1c5a687698ec662ba7a71727
SHA1: f8c306294babfe737dd612c9b5abb35e9f73c687
SHA256: f41f9cc12263327a796353cb937900ee525915be48b469111b310d03a6e02e4b
SHA512: 52a3b80c8b25df78f8164e5675097aba08fe0a4016c385634a75f985c8a97afefbce5e99105d8012f3fb7f29a684edf0235093984a17424a3ba5622b9492ffe
SSDEEP: 786432:EE8DOhuFl5F78l8gmNJ2LJaAQFVC8dN3iv/tXtUAW:EEwpx8larNYtXt7
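Before working from this report, confirm that the archive and the extracted installer you hold are the same bytes the sandbox analysed. The script below is an added example, not part of the report or the sandbox: it recomputes MD5, SHA1, SHA256 and SHA512 from the General and Targets sections above in a single read of the file and reports which algorithms disagree. SSDEEP is not in hashlib; the third-party `ssdeep` package is needed for the fuzzy hash and is left out here. The `abc` bytes used by the self-check are constructed test input.

```python
"""Check a sample on disk against the hashes listed in the report.

Added example: recomputes MD5/SHA1/SHA256/SHA512 with hashlib in one pass
and reports per-algorithm agreement. SSDEEP is not covered (not in hashlib).
"""
import hashlib
from pathlib import Path

# Values copied verbatim from the report. Keys are hashlib algorithm names.
REPORTED = {
    "File_NewInstall_4455_The_Pa$$word.rar": {
        "md5": "160eaac54e56d9a3389b3dfae5104f13",
        "sha1": "e5fa4cbc883ce0e68c7e299d0f5a2585eea306cb",
        "sha256": "307e88a3540c6f1a77764affc54feef9d3d1b9012b0c8d21641fa0ef3d7dea5e",
        "sha512": "b9892e4e61e5878492f2fa1c9c9b2512027db2618fd7789a93c6033b2b02e2023587e40382480062e1dfb93dfc13b729ad58f27a3638d7d26f2167fe390cf677",
    },
    "installer_2023_35008_8kV-8J1.exe": {
        "md5": "dae330ba1c5a687698ec662ba7a71727",
        "sha1": "f8c306294babfe737dd612c9b5abb35e9f73c687",
        "sha256": "f41f9cc12263327a796353cb937900ee525915be48b469111b310d03a6e02e4b",
        "sha512": "52a3b80c8b25df78f8164e5675097aba08fe0a4016c385634a75f985c8a97afef2bce5e99105d8012f3fb7f29a684edf0235093984a17424a3ba5622b9492ffe",
    },
}

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")


def hash_stream(chunks, algorithms=ALGORITHMS):
    """Feed every chunk to all hashers, so a 40 MB sample is read only once."""
    hashers = {name: hashlib.new(name) for name in algorithms}
    for chunk in chunks:
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def hash_bytes(data, algorithms=ALGORITHMS):
    return hash_stream([data], algorithms)


def hash_file(path, chunk_size=1 << 20):
    with open(path, "rb") as fh:
        return hash_stream(iter(lambda: fh.read(chunk_size), b""))


def compare(actual, expected):
    """Map each expected algorithm to True/False, case-insensitively.

    Algorithms we did not compute (e.g. ssdeep) are skipped, not reported false.
    """
    return {
        name: actual[name].lower() == digest.lower()
        for name, digest in expected.items()
        if name in actual
    }


def verify(data, target_name):
    """Return (all_match, per_algorithm) for sample bytes against the report entry."""
    results = compare(hash_bytes(data), REPORTED[target_name])
    return all(results.values()), results


if __name__ == "__main__":
    import sys

    # Usage: python verify_hashes.py File_NewInstall_4455_The_Pa$$word.rar installer_2023_35008_8kV-8J1.exe
    for path in sys.argv[1:]:
        name = Path(path).name
        if name not in REPORTED:
            print(f"{name}: not listed in the report")
            continue
        for algo, ok in compare(hash_file(path), REPORTED[name]).items():
            print(f"{name} {algo}: {'match' if ok else 'MISMATCH'}")
```

A single algorithm disagreeing while the others match usually means a copy-paste error in the expected value; all four disagreeing means you have a different file (a re-packed archive, a truncated download, or a later build of the installer) and the behavioural findings below may not apply to it.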
Signatures
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext
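The signatures above are the sandbox's names for event patterns in the trace, and it helps to see what each one keys on. The script below is an added example and not the sandbox's own signature engine: it replays a constructed event trace and raises the same signature names. Assumptions, labelled in the code: the country code is read from the registry value `HKCU\Control Panel\International\Geo\Nation`; the wallet directory names are common client defaults; the SetThreadContext pattern is scored only when the caller first created the target process suspended and wrote into it, which is the process-hollowing sequence rather than a lone API call. The event format and the trace itself are constructed for the example.

```python
"""Replay a constructed sandbox event trace and raise the report's signatures.

Added example, not the sandbox's engine. Assumed details: the Geo\\Nation
registry value holds the country code; wallet directory names are defaults.
"""
from dataclasses import dataclass, field

CREATE_SUSPENDED = 0x00000004  # CreateProcess dwCreationFlags bit


@dataclass
class Event:
    pid: int
    kind: str     # reg_read | api | file_write | file_read | proc_create | dll_load
    target: str   # registry value path, API name, file path or image path
    detail: dict = field(default_factory=dict)


# Assumption: country code lives here (GeoID); match on the value path suffix.
GEO_KEYS = ("\\control panel\\international\\geo\\nation",)
# Assumption: default data directories of a few wallet clients.
WALLET_DIRS = ("\\exodus\\", "\\electrum\\wallets\\", "\\ethereum\\keystore\\")
EXEC_EXT = (".exe", ".dll")


def find_geofence_checks(events):
    """'Checks computer location settings': reads of the Geo\\Nation value."""
    return [e for e in events
            if e.kind == "reg_read" and e.target.lower().endswith(GEO_KEYS)]


def find_dropped_use(events):
    """'Executes dropped EXE' / 'Loads dropped DLL': image was written earlier in the trace."""
    dropped, hits = {}, []
    for e in events:
        path = e.target.lower()
        if e.kind == "file_write" and path.endswith(EXEC_EXT):
            dropped[path] = e.pid
        elif e.kind in ("proc_create", "dll_load") and path in dropped:
            name = "Executes dropped EXE" if e.kind == "proc_create" else "Loads dropped DLL"
            hits.append((name, e.target))
    return hits


def find_set_thread_context(events):
    """'Suspicious use of SetThreadContext': suspended child, memory written, context replaced."""
    written = {}  # child pid -> has the parent written into it yet?
    hits = []
    for e in events:
        if e.kind != "api":
            continue
        child = e.detail.get("target_pid")
        if e.target == "CreateProcessW" and e.detail.get("flags", 0) & CREATE_SUSPENDED:
            written[child] = False
        elif e.target == "WriteProcessMemory" and child in written:
            written[child] = True
        elif e.target == "SetThreadContext" and written.get(child):
            hits.append((e.pid, child))
    return hits


def find_wallet_access(events):
    """'Accesses cryptocurrency files/wallets': reads under known wallet directories."""
    return [e.target for e in events
            if e.kind == "file_read" and any(d in e.target.lower() for d in WALLET_DIRS)]


def summarize(events):
    """Return the set of signature names the trace triggers."""
    sigs = set()
    if find_geofence_checks(events):
        sigs.add("Checks computer location settings")
    sigs.update(name for name, _ in find_dropped_use(events))
    if find_set_thread_context(events):
        sigs.add("Suspicious use of SetThreadContext")
    if find_wallet_access(events):
        sigs.add("Accesses cryptocurrency files/wallets")
    return sigs


SAMPLE_TRACE = [  # constructed trace, not from the report
    Event(1000, "reg_read", r"HKEY_CURRENT_USER\Control Panel\International\Geo\Nation"),
    Event(1000, "file_write", r"C:\Users\Admin\AppData\Local\Temp\stage2.exe"),
    Event(1000, "file_write", r"C:\Users\Admin\AppData\Local\Temp\helper.dll"),
    Event(1000, "proc_create", r"C:\Users\Admin\AppData\Local\Temp\stage2.exe", {"pid": 2000}),
    Event(2000, "dll_load", r"C:\Users\Admin\AppData\Local\Temp\helper.dll"),
    Event(2000, "api", "CreateProcessW", {"target_pid": 3000, "flags": CREATE_SUSPENDED}),
    Event(2000, "api", "WriteProcessMemory", {"target_pid": 3000}),
    Event(2000, "api", "SetThreadContext", {"target_pid": 3000}),
    Event(2000, "api", "ResumeThread", {"target_pid": 3000}),
    Event(3000, "file_read", r"C:\Users\Admin\AppData\Roaming\Exodus\exodus.wallet\seed.seco"),
]

if __name__ == "__main__":
    for sig in sorted(summarize(SAMPLE_TRACE)):
        print(sig)
```

Requiring the suspended-create and WriteProcessMemory steps before scoring SetThreadContext is what separates hollowing from a debugger or a legitimate parent adjusting a child's start-up; a trace that shows the call without the preceding writes gets no hit here, which is the caveat to keep in mind when you see the signature alone.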