General

  • Target

    5kplayer-setup.exe

  • Size

    6.9MB

  • Sample

    240302-3nbz9aad8y

  • MD5

    0cb8a509b925197bd4b94b4c835c8db9

  • SHA1

    b741c00855307aa3a8a3c52c651c2c8d969a4f78

  • SHA256

    02b4b6cd3a3a78cc764cb0ad573a9bce3ab0f1681d5e6926c9501e0ebcd7bbbb

  • SHA512

    7901dd30c8b4169db731006e4e8c33aeada24ae3908999755ee45601e3824a8e845d5bea00c37207373615f6bf1c8acf1cde0d579edaefbacad01d323d227b2b

  • SSDEEP

    196608:aVsR6S7xbdSAGLoAu6pKph80WK0oASRL7/zwVGNOufRLsDz:jVcAGLoAuPpoK9AeL7rBjRLsX

Targets

    • Target

      5kplayer-setup.exe

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.
