General
-
Target
MalwareDataBase-main.zip
-
Size
275.1MB
-
Sample
230622-r2hjeagc6s
-
MD5
be05e54436ffea2893b2c633c056b7ac
-
SHA1
2edc27685f0bcecd837b85843e7c873930df5da0
-
SHA256
18be7cd3177eb9cfc121e4db9d1b3ca0f4ef4ae19e160d07f701ad22352b244d
-
SHA512
61df70ff8015fe9f74ee9bdb8e7140961eadcb3780a791ba79465cd0a95801c18e8c3c8267ff7b0830b8052a1c92ae7572c44bc85d2d47293a06b38388a13a8a
-
SSDEEP
6291456:qPeZl6ByDH/0ge8FVT4hk4fuGcKXNH/eFta7/F0VraKV6:qVkb0f8HaZzNHWFO/aVrax
Malware Config
Targets
-
-
Target
MalwareDataBase-main.zip
-
Size
275.1MB
-
MD5
be05e54436ffea2893b2c633c056b7ac
-
SHA1
2edc27685f0bcecd837b85843e7c873930df5da0
-
SHA256
18be7cd3177eb9cfc121e4db9d1b3ca0f4ef4ae19e160d07f701ad22352b244d
-
SHA512
61df70ff8015fe9f74ee9bdb8e7140961eadcb3780a791ba79465cd0a95801c18e8c3c8267ff7b0830b8052a1c92ae7572c44bc85d2d47293a06b38388a13a8a
-
SSDEEP
6291456:qPeZl6ByDH/0ge8FVT4hk4fuGcKXNH/eFta7/F0VraKV6:qVkb0f8HaZzNHWFO/aVrax
Score9/10-
Modifies boot configuration data using bcdedit
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Registers COM server for autorun
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks system information in the registry
System information is often read in order to detect sandboxing environments.
-