General
-
Target
Application65c9095380496.rar
-
Size
7.9MB
-
Sample
240211-wl5q8acd24
-
MD5
1eef11e912ec086f8c9ce16257eb8bcc
-
SHA1
c2f48718abcfc2d7dc9cf64e669a8a86238d3e67
-
SHA256
47c93f0a295867a3140de9e1fd3bfeccdd02fb3bbc82b93ee7e3f8a759f585ab
-
SHA512
11bd1ed1f397448902bc5a58b70cb3beb0b57d5ef6a95f33b5d63e02bd610c8602a34cb7b8104e842c56748817d31f91e838155765b5596e3f94e04f4d827062
-
SSDEEP
196608:r3VQq12Ro+k2LcM6L7f9+mzWKhKSw901hyNcEIi+je0ydUp7/:rDoy+k2Jcf9+NqHyNcEIi+CSp7/
Static task
static1
Behavioral task
behavioral1
Sample
Application65c9095380496.rar
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
Application65c9095380496.rar
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
Application65c9095380496.rar
-
Score
10/10
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-