General
-
Target
Install_0007.exe
-
Size
31.8MB
-
Sample
240112-ghxtwaffbm
-
MD5
70c8852301ccccd2f56d33801d8f3b35
-
SHA1
5ef8f07364aed4d8eed395967bcf9371a00e02e1
-
SHA256
1bf09c9be57c97e86edd4653f67007599bc4c0a414e71b2535e63170a2c4966e
-
SHA512
5ea7467f2cedee41a5166864be9ee0aa795f9671136fcc8a083c954e7f3915087b2a2f34817147af66647632964459d297fdc6fb17b7be47004a419dd032b2ec
-
SSDEEP
393216:vQIk+HbEIT6cbhz7897ewrqrFl8EOIVtYI6ISdAUF90YUEHDnWs9U+npr5ZaZJu5:vQRQbhns7e3rnxtE1XXNvxqLF7W
Malware Config
Targets
-
-
Target
Install_0007.exe
-
Size
31.8MB
-
MD5
70c8852301ccccd2f56d33801d8f3b35
-
SHA1
5ef8f07364aed4d8eed395967bcf9371a00e02e1
-
SHA256
1bf09c9be57c97e86edd4653f67007599bc4c0a414e71b2535e63170a2c4966e
-
SHA512
5ea7467f2cedee41a5166864be9ee0aa795f9671136fcc8a083c954e7f3915087b2a2f34817147af66647632964459d297fdc6fb17b7be47004a419dd032b2ec
-
SSDEEP
393216:vQIk+HbEIT6cbhz7897ewrqrFl8EOIVtYI6ISdAUF90YUEHDnWs9U+npr5ZaZJu5:vQRQbhns7e3rnxtE1XXNvxqLF7W
Score8/10-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Registers COM server for autorun
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-