General
Target: FyreMC-0.9.4-x64-Setup (1).exe
Size: 104.9MB
Sample: 240222-11fg4agb28
MD5: f4bb541872d75e52e78c118f185256cf
SHA1: 1d9801bb31684e1123ef1a247998b26ed2e7ccc0
SHA256: f01269f2d23a031b8123f8e01ec08876518f3f38f80155e0f5231eb0ee8bbd99
SHA512: 7c78b13a2ab39c31b7920861b57797c08d8465126df628726e1ce93b877e825e0c7aa8001dc2675c468b6269e8a898b59163d89822bbc73579c1aa7f0e34f871
SSDEEP: 1572864:tjPhyc6RWoZIDl7IduXILeKF3ihIwfyyuKUSiaN94BN493e/xzxBTIYDkCytP1Ey:tjZRhIQi5JwmZBCu/nBTNSP1EvBgWq
Static task: static1
Behavioral task: behavioral1
  Sample: FyreMC-0.9.4-x64-Setup (1).exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: FyreMC-0.9.4-x64-Setup (1).exe
  Resource: win10v2004-20240221-en
Malware Config
Targets
Target: FyreMC-0.9.4-x64-Setup (1).exe
Score: 7/10
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
Legitimate hosting services abused for malware hosting/C2