General
Target: installer-bundle 2.exe.zip
Size: 18.8MB
Sample: 231103-nhx8zabe67
MD5: c3589122260cbac4080ce3b7d0b698a2
SHA1: 2f4ea0a5f208db3b8773faa4b0970749a394fa29
SHA256: 8644d2766bba6fd0c5f9b614db6e091a17d00585d259e37fc8466e0a53287083
SHA512: adc21006ea4e3e3555572dd0d93c673d291ca0a353bd41da5770743a4e505955c3cdef2a4c6a5e5270bdd2297a327bcbd5d688c5bc067c32b57eba4934ef90fc
SSDEEP: 393216:zRs2qGmkIi2NyKyQyxYoLlCVvHt88Z12bRUO6G0ZFomDp6:Kumk2NyKbG8NVZ1uB6G0nFD8
Static task: static1
Behavioral task: behavioral1
Sample: installer-bundle.exe
Resource: win7-20231023-en
Malware Config
Extracted: jupyter
http://91.206.178.109
Targets
Target: installer-bundle.exe
Size: 317.1MB
MD5: af6c44207d3af97297eab0ee12e1dc80
SHA1: 84a3780b2cbe1353aa72074cf69a8a6df353af56
SHA256: bd6d8c48c1faad08dc110393275243acb0f5c7c8884d8c6663d2538cced4ad8e
SHA512: e536c119caf85895608ce0d6d99b81bfcb1240d842b246daefa923596ec225544ce36abd1c7da0e6909b80ffa37db6152570c64d2ba0c3d83af30aafba040c21
SSDEEP: 393216:bqkG8OOkkGZ8Amek9iClXuv9PmcdbALPcOQe+F7oIuzE:28OeGZ8A/AEhdbgNQe+xzuY
- Blocklisted process makes network request
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL