General
Target: efe42e097392ba07bdbc1b30ed12f46f.bin
Size: 217KB
Sample: 231227-cjmm3sgccn
MD5: c2c992433d42e94263bd6eda1cca6b16
SHA1: 0847ad4a250628ad797b10e5547a2032992b66e0
SHA256: d269a5c94272ec07cea72bcf2fb277671661bd79f485067c8ba20d91435979e2
SHA512: 7eb06b04af0b9a83e0ceac5ce99e1c942946faccaf2b1977fa254fc1b9fe613a2aebb62d1263273dbb61fe8c5ccfa2dc3cdbdd7cf572e49f1b2e1fd2fd2fbb6b
SSDEEP: 6144:JCwk9Ud+o9HLBJanu17Y1A0RWBHbgRr/bwNmeLfK:JCwk9Ud+oxLBJmSU1FRWB7Gr/iLC
Static task: static1
Behavioral task: behavioral1
Sample: 9d15283240ff79899aeb0f2866c51b75d953e5c04a8069397734a3cb6aef87af.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 9d15283240ff79899aeb0f2866c51b75d953e5c04a8069397734a3cb6aef87af.exe
Resource: win10v2004-20231215-en
Malware Config
Extracted
marsstealer
Default
moscow-post.com/log/loger.php
Targets
Target: 9d15283240ff79899aeb0f2866c51b75d953e5c04a8069397734a3cb6aef87af.exe
Size: 5.7MB
MD5: efe42e097392ba07bdbc1b30ed12f46f
SHA1: 6e67c0ce64661b8f12c453d182fadcf9b81225b8
SHA256: 9d15283240ff79899aeb0f2866c51b75d953e5c04a8069397734a3cb6aef87af
SHA512: 87147c5b0a5016d5a6f36e980cf294880a78ca3b3491ca1e90bd5664f3d6405da4259ae486544f7b355cf6e29eeb80273336b9f2fbb5928730eda3584b8a1005
SSDEEP: 12288:MPZV/cS4H8+Gc8DWKwJa8JdrBoyvCRH96m2iii2Tc:MRV2iWih
Score: 10/10
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL