General
-
Target
ThriveLauncher_Windows_Installer_2.0.3.0.exe
-
Size
37.5MB
-
Sample
230914-sq76csch6v
-
MD5
2fa4529a012e5d45c5d61579fa597f31
-
SHA1
9f4f00e660387c5c1e1052e9de0d12aa0e26eca8
-
SHA256
fee1bc7a3556dbb9236b7eea805b4f1adf5464bb5166c9006df03cf217c92c16
-
SHA512
fcd0ea96c366f2aed5573cd89961e2321099a96e04fdfd31a95a71ce8f7465a62de301d2ed58016c075f9775437294319a9f03cee21aacb1624b995b871a9295
-
SSDEEP
786432:+zrtgFHME6SkKlU1uLUicoRHQE0/J46hu3CgON76R2jv03y33vE:+zpOZ69KWUYEwEMJ4m+NS0ev03+3vE
Malware Config
Targets
-
-
Target
ThriveLauncher_Windows_Installer_2.0.3.0.exe
-
Size
37.5MB
-
MD5
2fa4529a012e5d45c5d61579fa597f31
-
SHA1
9f4f00e660387c5c1e1052e9de0d12aa0e26eca8
-
SHA256
fee1bc7a3556dbb9236b7eea805b4f1adf5464bb5166c9006df03cf217c92c16
-
SHA512
fcd0ea96c366f2aed5573cd89961e2321099a96e04fdfd31a95a71ce8f7465a62de301d2ed58016c075f9775437294319a9f03cee21aacb1624b995b871a9295
-
SSDEEP
786432:+zrtgFHME6SkKlU1uLUicoRHQE0/J46hu3CgON76R2jv03y33vE:+zpOZ69KWUYEwEMJ4m+NS0ev03+3vE
Score9/10-
CoreEntity .NET Packer
A .NET packer called CoreEntity where it has embedded the payload as a BitMap object which is later decrypted.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-