General
Target: WinRAR.exe
Size: 1.3MB
Sample: 240420-vt2tvsdh7t
MD5: 167b0c13576ce31c32d1c53f1190dbb2
SHA1: 9079697215a193868b9c9acf301f35a8351229f7
SHA256: 23a7ef5004d703996e92446cc5b4730059488a55d549c33703f279623bacd477
SHA512: de5dd8da9508dbc8bf2382af69d8ea130194497bfb3c09ac90fe50ef256a36067f5b2cb24700db0099ecee9688e01fa958005d360ef006e26fd46447ffda11d3
SSDEEP: 24576:md5HO7BsPDEV93rmcrM0R3CI5UfaKC9J1upHEnMK7MMMMMMGM:wQt8DEV93ScpSI8C9JE8MMMMMMD
Static task: static1
Behavioral task: behavioral1
Sample: WinRAR.exe
Resource: win10v2004-20240412-en
Malware Config
Targets
Target: WinRAR.exe
Score: 8/10
Disables Task Manager via registry modification
Possible privilege escalation attempt
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Modifies file permissions
Modifies system executable filetype association
Legitimate hosting services abused for malware hosting/C2