General
-
Target
Cyber Hunter Install.7z
-
Size
197KB
-
Sample
231225-mmxbssgcf4
-
MD5
6bf02ad4d33f4404024033f6d3918c4a
-
SHA1
0bf95b91926b56f990811c2e7d7889fb99959c47
-
SHA256
26d1a7f43e36efda53ec80f7914ecf5cf210eaad47d767c7c8b2dfe8fecf8301
-
SHA512
33936c4dc2db6d53a19113f07cd4ec1841c9ef45439289589ff35a0c831fb3f5e0d0d7d4004e4ecc3860a5eafa12dc63f82f0c8feb743ba8b5235fd5914296c6
-
SSDEEP
3072:3NRrufXJfSnS5GJVSw5K7X6VIOWGf0zA13lWDw8+G5ICuK+D1kwr+gVB:ruRjgJgqm6VIxu1Yr+G5IlD1Nr+CB
Static task
static1
Behavioral task
behavioral1
Sample
Cyber Hunter Install.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
Cyber Hunter Install.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
marsstealer
Default
moscow-post.com/xaoniu/server/waungowangued/g.php
Targets
-
-
Target
Cyber Hunter Install.exe
-
Size
4.9MB
-
MD5
f836f277cbcadfecfc988bf350d410c3
-
SHA1
f9a66d7876a6eb09763e0705beaa999d99f53754
-
SHA256
d38bc9871b0eba08a6b77314a6d3fdc94531315c2659ea60d8d23b4450ed3838
-
SHA512
ac284e90bf72d564ceaeda28383efc8793f286002d2d7ae37f08f05a9170faa5f77a8e741cb60fabb1f48f9abc769070fc3620fa9c5d7dfce60029b6d58c8280
-
SSDEEP
12288:D6BeSpuojQEv1E729k4nRQ/ceb5WdWOeoP3/F+2nGr6A5zuzhGlC5LcB+cVgeMtb:E0yLW2mudcocIE
Score10/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-