General
Target: SecuriteInfo.com.not-a-virus.AdWare.NSIS.ConvertAd.ajyz.9272.10801.exe
Size: 32.3MB
Sample: 240509-srb5babe86
MD5: 3847004cc52937aff44ab590cfc47fdd
SHA1: 3955fb0ccc6d894b255bde1c329d98ffae6ea92e
SHA256: 0bce62b057e8d60bcbaa16c3d8571943f7ea7e42f5bcfab85f1968a266e5386d
SHA512: 8a593161ee1459e2a741f4e4126c54ca9b56170b861e3595315c8889f837d1dece825d28a3ea0507236d2e4b99a256808ad053e23ea39e7c411220b16a9b2af3
SSDEEP: 786432:0Wmk13WFnGhBH1AIv2HMYYYXzt5+8rvySB:7mkknYB9vXqzbr6S
Static task: static1
Behavioral task: behavioral1
Sample: SecuriteInfo.com.not-a-virus.AdWare.NSIS.ConvertAd.ajyz.9272.10801.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: SecuriteInfo.com.not-a-virus.AdWare.NSIS.ConvertAd.ajyz.9272.10801.exe
Resource: win10v2004-20240426-en
Malware Config
Targets
Target
SecuriteInfo.com.not-a-virus.AdWare.NSIS.ConvertAd.ajyz.9272.10801.exe
Score: 10/10
PrivateLoader: PrivateLoader is a downloader sold as a pay-per-install malware distribution service.
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application