General
Target: PollyMC-Windows-MinGW-w64-Setup-8.0.exe
Size: 36.6MB
Sample: 240223-prvd4sgc56
MD5: 77f098ad333889de410f665e4f9a8702
SHA1: 6b8e8abe6a374f02a88058961f180818cfcf7670
SHA256: 1c04ed11ce29fcfc3186144f0f907b70296132eb3db89044463cb14b97eb87d0
SHA512: 711326a015e02dd4789023fbefeaedc769d0ef33668497c107cb3c512a2acc2fa312d3cd5011d3a510ccb87ce236bfe0fc1d4b253b332c2e6ecd9ff6e7c6af9c
SSDEEP: 786432:2KQbhz5LGoCjmcE/ppyp22HaxvPAXkFeOLV61DDKr0wlqDIgtQ:2FLCjmphS2iSvfJLQxKr0wlw2
Static task: static1
Behavioral task: behavioral1
  Sample: PollyMC-Windows-MinGW-w64-Setup-8.0.exe
  Resource: win10v2004-20240221-en
Behavioral task: behavioral2
  Sample: PollyMC-Windows-MinGW-w64-Setup-8.0.exe
  Resource: win11-20240221-en
Malware Config
Targets
Target: PollyMC-Windows-MinGW-w64-Setup-8.0.exe
Score: 8/10
Downloads MZ/PE file
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Modifies file permissions
Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.