General
-
Target
The Summer Waifu.exe
-
Size
5.7MB
-
Sample
231225-els9rafbb7
-
MD5
efe42e097392ba07bdbc1b30ed12f46f
-
SHA1
6e67c0ce64661b8f12c453d182fadcf9b81225b8
-
SHA256
9d15283240ff79899aeb0f2866c51b75d953e5c04a8069397734a3cb6aef87af
-
SHA512
87147c5b0a5016d5a6f36e980cf294880a78ca3b3491ca1e90bd5664f3d6405da4259ae486544f7b355cf6e29eeb80273336b9f2fbb5928730eda3584b8a1005
-
SSDEEP
12288:MPZV/cS4H8+Gc8DWKwJa8JdrBoyvCRH96m2iii2Tc:MRV2iWih
Static task
static1
Behavioral task
behavioral1
Sample
The Summer Waifu.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
The Summer Waifu.exe
Resource
win10v2004-20231222-en
Malware Config
Extracted
marsstealer
Default
moscow-post.com/log/loger.php
Targets
-
-
Target
The Summer Waifu.exe
-
Size
5.7MB
-
MD5
efe42e097392ba07bdbc1b30ed12f46f
-
SHA1
6e67c0ce64661b8f12c453d182fadcf9b81225b8
-
SHA256
9d15283240ff79899aeb0f2866c51b75d953e5c04a8069397734a3cb6aef87af
-
SHA512
87147c5b0a5016d5a6f36e980cf294880a78ca3b3491ca1e90bd5664f3d6405da4259ae486544f7b355cf6e29eeb80273336b9f2fbb5928730eda3584b8a1005
-
SSDEEP
12288:MPZV/cS4H8+Gc8DWKwJa8JdrBoyvCRH96m2iii2Tc:MRV2iWih
Score10/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-