General

  • Target

    razer-taskbar-0.10.3.Setup.exe

  • Size

    95.1MB

  • Sample

    240404-p2w1pagb7v

  • MD5

    34a37b978cf896d4a6078aa8accf4d11

  • SHA1

    d209d6daedf9eeb403037cb797c866b4516138c2

  • SHA256

    18ec06ca9404dda6dfbcb063fd2966909dd76a4b204d828f22dd381147b556ea

  • SHA512

    702bc90c0265d2bc2debbdf4f5cbe4acf6188e55a0622ebc678597836d339c58dd42a7857d796d06d97d23b87d6a9367cdace202e5fb28ed95045d5674b983be

  • SSDEEP

    1572864:LIKjBAkL4u/zv4kkDzeqy6ZRi0eqLPMwULLBDvr80O+r8ulaTRQvOf+fMtrUOjp:L1Wu7AkkDz/ycOMPPkLBDASr3YC22fIP

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15