General
-
Target
Anarchy Panel 4.7.zip
-
Size
5.8MB
-
Sample
230625-lew6dsee8w
-
MD5
2bedc38f45cbd88a2a617f92c92d43b5
-
SHA1
576ecdf132b66992b55a3f3986405209e150d989
-
SHA256
5e840076dd200bff8e6a9f2abb94ea13196564c6d60e436d0c84cc148bce1b9a
-
SHA512
11a7e00f306fb9b982b10c351a75c273fff89cd841a94a37c04e9894797560d59f52634a3efca83b65007e76aaba09c9e6a5bde6c8e982f89565405051188cc8
-
SSDEEP
98304:QiX4/DxrPgnwaD84Qux2keP3FTU12QoqUVve8OnPeu2MFoW2bt//yQO5+HCpko0+:QP/DawaD84zxmP31mshOnPe5MFQ/TH67
Behavioral task
behavioral1
Sample
Anarchy Panel 4.7/Anarchy Panel.exe
Resource
win10v2004-20230621-en
Malware Config
Extracted
https://rentry.org/nipkv/raw
Targets
-
Target
Anarchy Panel 4.7/Anarchy Panel.exe
-
Size
71KB
-
MD5
921b80699829ba456a35ff4a4cc16861
-
SHA1
f01420e7dd677d50763c8344d33549076734682a
-
SHA256
a94809a32eb1cee1f9490410fe9592790fe00802c620b1b881fb0c8815b1efba
-
SHA512
a8d2650a9f7290ddaff5c0b1a842cfd4f473f91f23fc8d7f07294c528eb98cca63a48a5f5552c4bf33465f59b9f74fbc3c9d783064e927e8974ca316893c2bf1
-
SSDEEP
384:A67eCgMkHDsar3lL9O65uJor+1kKQmQhVXZzyM9MpPYAhk5:AFla6/wmhrV2pL
Score
10/10
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Legitimate hosting services abused for malware hosting/C2
-