General

Target: jre1.8.0_361.zip
Size: 89.4MB
Sample: 231202-e49z8ahg91
MD5: 750f5b13fe1ee71497f5228138e4f8c7
SHA1: c8cdfcfb3179cbbe5fe8c4bb7f920dd7c5486b1d
SHA256: ce236d04aae0118265f73e1775a0ce05aa6357e0922905b2d08540f100c37ee5
SHA512: a3dee9b2312a4dda610e8250edfc325ce469e9cb288d69432a6e941922ccde3c6a26ef9002a91d27c918a4830e795405931e3f33d049e5a047fa6fb02a55d016
SSDEEP: 1572864:ULMQwl1f2KpJtnskXD8ma7p4ABTv8pMyhONCQ0dk80G9EOymJKAQn5cST7gJJ5Xt:qwlV9Jh/Da7pLTvUO70dk80G9EOVm5lS

Static task: static1
Behavioral task: behavioral1
Sample: sorrilus.exe
Resource: win7-20231129-en

Malware Config

Targets

Target: sorrilus.exe
Size: 10.3MB
MD5: e4732ee9e8c0aa3276a51141b8b9b2d9
SHA1: 3f5a763f1571551505fe89bdb2287b001a8ff009
SHA256: 314278fc36d4bf2c2051c64b5dd274c6254e51c8db45bb5174750839f63bab53
SHA512: 207c194c0d8554d84bbbecda4f06c746bdf3a77b3db0cab1717c029244d5f86a1357e9c3861f53e5e19f6b5d00d77c18cd923ef6d93b94eeb0128300872ae0a4
SSDEEP: 196608:O2SvZ+chSsAhnS9+vFKWdfnP4L20N37Y2BqJMUrE6ed1g2ceCLTG1L09+Y7Ru:OlvZxBAA+vF55AL20UaeVy1pceCXEL09

Class file contains resources related to AdWind

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Modifies file permissions