General
-
Target
5543ec7918879f075e2714ba2aa7995b.exe
-
Size
17.1MB
-
Sample
230728-ld6y7sdc4z
-
MD5
5543ec7918879f075e2714ba2aa7995b
-
SHA1
e72fc9f9fa3030ecb9e71ee81d9b1f301717db0a
-
SHA256
df3c28e2ab0948020e93b8850dfc16b842f2ed5ce7ebf18c5f536c0cabbae2d3
-
SHA512
53fc8e43b5ec22666ccda2a3c212cfb0ba366d266ee290ca9e6be232b0919048e427abe843715014a6ebb8a62a61fbdab1ae6327215a931cca340900ced1a3ee
-
SSDEEP
393216:s4wctNG7SXLKhzMEOzMjjZlguA44g7Li70+VVuNcPN/S6nr2tAj:VwJGLYPnzguA44gHZUNK6noAj
Malware Config
Targets
-
-
Target
5543ec7918879f075e2714ba2aa7995b.exe
-
Size
17.1MB
-
MD5
5543ec7918879f075e2714ba2aa7995b
-
SHA1
e72fc9f9fa3030ecb9e71ee81d9b1f301717db0a
-
SHA256
df3c28e2ab0948020e93b8850dfc16b842f2ed5ce7ebf18c5f536c0cabbae2d3
-
SHA512
53fc8e43b5ec22666ccda2a3c212cfb0ba366d266ee290ca9e6be232b0919048e427abe843715014a6ebb8a62a61fbdab1ae6327215a931cca340900ced1a3ee
-
SSDEEP
393216:s4wctNG7SXLKhzMEOzMjjZlguA44g7Li70+VVuNcPN/S6nr2tAj:VwJGLYPnzguA44gHZUNK6noAj
Score10/10-
RMS
Remote Manipulator System (RMS) is a remote access tool developed by Russian organization TektonIT.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops file in System32 directory
-