General
-
Target
047ec05ab6fef687573f426713e3e882c36861bcedd0f65fb3e6a6c6b5a3a957
-
Size
8.3MB
-
Sample
240202-w658gsegar
-
MD5
addafed6560daa08e456d9b31fbd9979
-
SHA1
97c8abdb71a869779259c547f5bd37407f321a5d
-
SHA256
047ec05ab6fef687573f426713e3e882c36861bcedd0f65fb3e6a6c6b5a3a957
-
SHA512
b824e59bb54cdb8be73c9e231f43bef849281f7380ce8e089d9e0b4cad40e50cfee429f9f7187591274903741a1276f1402de4be266478120a12a0ca08d3b50e
-
SSDEEP
196608:7EnuGWhh+6ZLnb4bRwLLlc1kd0HGU/hSZFNqgCbljhk:r0+LnuRwH+IFZ3qpbli
Static task
static1
Behavioral task
behavioral1
Sample
047ec05ab6fef687573f426713e3e882c36861bcedd0f65fb3e6a6c6b5a3a957.exe
Resource
win7-20231215-en
Malware Config
Targets
-
-
Target
047ec05ab6fef687573f426713e3e882c36861bcedd0f65fb3e6a6c6b5a3a957
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-