General
-
Target
MARIOMODMENUFREEE10000exe.exe
-
Size
1.2MB
-
Sample
230701-h1r7safh76
-
MD5
9a96b18076233d33d7a1ae5b66b77f8c
-
SHA1
c7155e3609388f7a1067d4e4b66ace6f18f0d364
-
SHA256
f899dbc9ddc96b4579297d98cfd0a66d933d3dd61570d7c87533ddbcea6b4b8f
-
SHA512
5a9ce52ee5d15a3005fddcbc33481263d4814642d08c7ad725162aaa37c78cf20ac82999e758e95534227b01bd335e9306cc4fe03daadf81a30a791b5e4e0643
-
SSDEEP
24576:+fOyQ22tgmeIFx0lB46MHuXWmVLgfo/+DGsgu5nZXQ0tyJ81rARpJjBBp/D:+GRBHul6HuxVLBIpxVj92pvBp
Static task
static1
Behavioral task
behavioral1
Sample
MARIOMODMENUFREEE10000exe.exe
Resource
win7-20230621-en
Malware Config
Extracted
gcleaner
45.12.253.56
45.12.253.72
45.12.253.98
45.12.253.75
Targets
-
-
Target
MARIOMODMENUFREEE10000exe.exe
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-