General
-
Target
paint.net.5.0.7.install.x64.zip
-
Size
62.0MB
-
Sample
230720-rz4c4ahf51
-
MD5
44eab3670b8154adab3dda1ceee4611c
-
SHA1
91d5e624c94d8b3ab972b141483884c3c415b54e
-
SHA256
79ba9f22e360abcd48c0c806213f6a2ec29a8830fd20e2a185f9218e239fd874
-
SHA512
1fbe9ae818837382f70090bda22367df3edb054ac7c7c228b9df3618759363cc4b76f476cf516dc5ad4c97205573d6fb0d9ad0a1dab36745a3f56cb6c95abd4b
-
SSDEEP
1572864:WL9GYfh9u+C8KnNQONV87cbHkbVHo7dmZXlyz:WZFW8KzNVLbF7YXlyz
Static task
static1
Behavioral task
behavioral1
Sample
paint.net.5.0.7.install.x64.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
paint.net.5.0.7.install.x64.exe
Resource
win10v2004-20230703-en
Malware Config
Targets
-
-
Target
paint.net.5.0.7.install.x64.exe
-
Size
62.3MB
-
MD5
6f86aae6d0ae5f9528dbb3f0e79c6b18
-
SHA1
b08e7584742aa1bfb0b4392137a5f5d5054c0407
-
SHA256
66699c704e29cddea138939d15975d148c5579921d2644436e6288fd1ed952d6
-
SHA512
e8188e775c6983c1486b0fbf12c816a8d0782ced4e28d2a6b70335998485a28689bbbe2fc0bb9a9f90f9b7c3607cadaaf54cd8e5fb2325ad99bb38a6be7e20eb
-
SSDEEP
1572864:mXR4eDZdsOA4k35+yJ+Tmz9OXBVUp3W/Zl8D:mB1e4q1JZzZp8Zl8D
Score
9/10
-
CoreEntity .NET Packer
A .NET packer called CoreEntity that embeds the payload as a Bitmap object, which is later decrypted.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-