General
Target: MangoModMenuV6.rar
Size: 157KB
Sample (analysis ID): 240401-b7mgjsab81
MD5: bd4e99ffe4fb8cd896f7d7a4dde3e2a4
SHA1: 257b5d3ed3acf611ba1900613f9fdc08b403f8b0
SHA256: 274040f71c7db6b9b8b39bd4cd328c5f4e4b36141690b1727430b2b7f57adaab
SHA512: ebae4f0604f4c996b6ddfc26d9038a57385f77106e989e0ef2795dee7beba74b8bf41a77fd006224c676219ad910292159babd730c1934640bc603fa1ad9e884
SSDEEP: 3072:59AV52Kplsr31uVYhYP0IIBjutoVxCBpm43w8lJzLj3HINP/GcciT:59AVZlsr31+YdIcSmawC0u9Q
Behavioral task: behavioral1
Sample: MangoModMenuV6.exe (extracted from the archive above)
Resource (sandbox image): win10v2004-20240226-en
Malware Config
Extracted family: asyncrat
Default
C2 (host:port):
127.0.0.1:5050
127.0.0.1:7570
127.0.0.1:15770
147.185.221.18:5050
147.185.221.18:7570
147.185.221.18:15770
data-programming.gl.at.ply.gg:5050
data-programming.gl.at.ply.gg:7570
data-programming.gl.at.ply.gg:15770
Unlabeled config value (as extracted): 2שXoXV1斯G西dYPaΒي
delay: 1
install: true
install_file: Edge.exe
install_folder: %AppData%
Notes: the 127.0.0.1 entries are loopback and not actionable; the public IP and the ply.gg hostname are the network indicators to hunt on. With install set to true the sample copies itself to %AppData%\Edge.exe, a name chosen to pass as Microsoft Edge; the genuine browser binary is msedge.exe under Program Files, so an Edge.exe running from a user's AppData folder is itself a strong indicator.
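The extracted configuration above is the part of the report a defender acts on. The following is an added example (editor's code, not part of the sandbox report and not the malware's code) that turns that config into hunting indicators and matches them against a few constructed telemetry lines. The config transcription, the telemetry format and the "victim" user profile path are assumptions made for illustration; the loopback C2 entries are dropped because they never leave the host.

```python
"""Derive hunting IOCs from the AsyncRAT config shown in the report and
match them against constructed endpoint telemetry.

Editor-added example: not code from the sandbox report or the malware.
CONFIG_TEXT is a transcription of the report's config (the unlabeled
mutex-like string and the bare "Default" line are omitted); the telemetry
lines and the user profile path are invented for illustration.
"""
import ipaddress
import re
from dataclasses import dataclass, field
from typing import List, Optional, Set, Tuple

CONFIG_TEXT = """
127.0.0.1:5050
127.0.0.1:7570
127.0.0.1:15770
147.185.221.18:5050
147.185.221.18:7570
147.185.221.18:15770
data-programming.gl.at.ply.gg:5050
data-programming.gl.at.ply.gg:7570
data-programming.gl.at.ply.gg:15770
delay: 1
install: true
install_file: Edge.exe
install_folder: %AppData%
"""

C2_RE = re.compile(r"^(?P<host>[A-Za-z0-9.\-]+):(?P<port>\d{1,5})$")


@dataclass
class AsyncRatIocs:
    c2: Set[Tuple[str, int]] = field(default_factory=set)  # non-loopback host:port pairs
    hosts: Set[str] = field(default_factory=set)           # IPs and hostnames seen in C2 list
    install_path: Optional[str] = None                      # persistence path, if install is true


def is_loopback(host: str) -> bool:
    """True for 127.0.0.0/8 and ::1; hostnames are never treated as loopback."""
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False


def parse_config(text: str) -> AsyncRatIocs:
    """Parse 'host:port' C2 lines and 'key: value' attribute lines."""
    iocs = AsyncRatIocs()
    attrs = {}
    for raw in text.strip().splitlines():
        line = raw.strip()
        m = C2_RE.match(line)
        if m:
            host, port = m["host"], int(m["port"])
            if is_loopback(host):
                continue  # loopback C2 entries are dev leftovers, not actionable
            iocs.c2.add((host, port))
            iocs.hosts.add(host.lower())
            continue
        key, _, value = line.partition(": ")
        attrs[key] = value
    if attrs.get("install") == "true":
        iocs.install_path = attrs["install_folder"] + "\\" + attrs["install_file"]
    return iocs


def expand_env(path: str) -> str:
    """Minimal %AppData% expansion for an assumed 'victim' profile (illustration only)."""
    return path.replace("%AppData%", r"C:\Users\victim\AppData\Roaming")


# Constructed telemetry, one event per line: kind|field|field... (not from the report)
TELEMETRY = [
    "netconn|msedge.exe|13.107.21.200|443",
    "netconn|Edge.exe|147.185.221.18|7570",
    "dns|Edge.exe|data-programming.gl.at.ply.gg",
    "proccreate|C:\\Users\\victim\\AppData\\Roaming\\Edge.exe",
    "proccreate|C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe",
    "netconn|svchost.exe|127.0.0.1|5050",
]


def match_telemetry(iocs: AsyncRatIocs, lines: List[str]) -> List[Tuple[str, str]]:
    """Return (detection_name, event) pairs for events matching the IOCs."""
    hits = []
    install = expand_env(iocs.install_path).lower() if iocs.install_path else None
    for line in lines:
        kind, *fields = line.split("|")
        if kind == "netconn":
            _proc, ip, port = fields
            if (ip, int(port)) in iocs.c2:
                hits.append(("c2_connection", line))
        elif kind == "dns":
            if fields[1].lower() in iocs.hosts:
                hits.append(("c2_dns", line))
        elif kind == "proccreate":
            if install and fields[0].lower() == install:
                hits.append(("persistence_exec", line))
    return hits


if __name__ == "__main__":
    found = parse_config(CONFIG_TEXT)
    for name, event in match_telemetry(found, TELEMETRY):
        print(name, event)
```

Of the two public indicators, prefer the hostname for longer-lived detections: ply.gg belongs to the playit.gg tunneling service, which fronts the operator's real host, so the tunnel IP can change while the subdomain persists. The process-path check matters on its own, since the real Edge binary is msedge.exe and never lives under a user's AppData folder.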
Targets
Target: MangoModMenuV6.exe
Size: 287KB
MD5: e8eb8b148e0aea5f4d164cc403e56f92
SHA1: be2f5f72cd2ace616c237089dde5e3d7713fa236
SHA256: 4c46d64ee256f72726d6c6cab5288e5cd34e31eeadef8d38c6cf37a50e7a5ef9
SHA512: 963c888744966a6d9c423e88b149c84d5af5520bb6109ce2d994014adbee6ed5d0a2d84b1ea0e687fab626922fdb417e9f6d697b4c065d0231274efd60c94bb9
SSDEEP: 3072:5hpYYUbd3b6SIWQrtzIWyVEIhvU2AoOBrECT3H57PXcz07dz:qLbdWSIWQrtkWyOavlIBrR3Jsz6
Score: 10/10
Signatures:
StormKitty payload (StormKitty is an open-source .NET information stealer, commonly bundled with AsyncRAT)
Async RAT payload (AsyncRAT is an open-source .NET remote access trojan; its extracted configuration is listed above)
Checks computer location settings: looks up the country code configured in the registry, likely a geofence check, so the sample may behave differently on hosts whose locale it excludes
Executes dropped EXE