General
-
Target
Full_Setup_Installer.exe
-
Size
84.3MB
-
Sample
240330-25hzfshd83
-
MD5
8b624521d1738fbcc41d3579c69154bd
-
SHA1
619ea5848b7bd644cd547d50a6c89dd3b8e17c4c
-
SHA256
6518ca0d69133ff622a3d6e168caf6edec6abc20ecfdbf9444043a7e79c7caa0
-
SHA512
6b637f6dcfadc04ccf3fb14fbd2bbc2b8fddcfef09dc90e7dbae60fae076ab50025de57b4cbeb152755377735a88cc6f80e1df8c7c8ba6ddaf300ae37181a57c
-
SSDEEP
1572864:K+xiGHpY6LR9w6BCv83y6RuHJKfx/JrL/jqL++9DpkXCWqVDu0xXEpB:K+hzD8wneKfxxDm++DK6VDX6
Malware Config
Targets
-
-
Target
Full_Setup_Installer.exe
-
Size
84.3MB
-
MD5
8b624521d1738fbcc41d3579c69154bd
-
SHA1
619ea5848b7bd644cd547d50a6c89dd3b8e17c4c
-
SHA256
6518ca0d69133ff622a3d6e168caf6edec6abc20ecfdbf9444043a7e79c7caa0
-
SHA512
6b637f6dcfadc04ccf3fb14fbd2bbc2b8fddcfef09dc90e7dbae60fae076ab50025de57b4cbeb152755377735a88cc6f80e1df8c7c8ba6ddaf300ae37181a57c
-
SSDEEP
1572864:K+xiGHpY6LR9w6BCv83y6RuHJKfx/JrL/jqL++9DpkXCWqVDu0xXEpB:K+hzD8wneKfxxDm++DK6VDX6
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Mark of the Web detected: This indicates that the page was originally saved or cloned.
-
-
-
Target
Installer_X_v5.7.0.exe
-
Size
83.1MB
-
MD5
0b6171cf84209d1441665c06ce80c339
-
SHA1
fe2d66a3009497846fb928392d7a10cb4d9671bb
-
SHA256
2e8b04e706c5dfc026de790dbcbac568063d7dfddf5f4d7592751435518adf8f
-
SHA512
9e640a4a0e6f8deec738b37642d812fa4f4243a43b9bd29c4f2cc80314962586a0b997e92ccfd411886ad25741d324e00d3c7989d24efae957f81108768aff16
-
SSDEEP
1572864:ptuVMkFEruUp6/pjFzM374tHzjLi12oRshtlm8dGvdkGROvg+hcLVDgLe:pEOfTpmpjG37eoR+Dm8kVjug+hcxDZ
Score1/10 -