General
-
Target
Revo Uninstaller Pro 5.2.6.exe
-
Size
18.5MB
-
Sample
240522-cxhahshe9t
-
MD5
2413dc2fe7067dd7738d75446c140096
-
SHA1
f246ac96e8eb790593ceb0e37896542efc67afe7
-
SHA256
aa15d5ded58e1dcb2099806b996750c23c2bcb6026f9a5876a8a9ba0e86e5531
-
SHA512
a49312f62dae510f3f986508fe7dd500650afe95d2f6b92081f33c77636ff5d73c0b3fbcb6b3dc8120b8b83a95f8d82e46cf529263859ec2197f9bdf234b1bcf
-
SSDEEP
393216:gIBJiczqi8Alo2OtD6Zni1cOK8ZNK/WrH9PF2q5XFpBjFSF24S7ioXyj:RJ31z0VJOW79t2uXFp1FSE4AiCyj
Malware Config
Targets
-
-
Target
Revo Uninstaller Pro 5.2.6.exe
-
Size
18.5MB
-
MD5
2413dc2fe7067dd7738d75446c140096
-
SHA1
f246ac96e8eb790593ceb0e37896542efc67afe7
-
SHA256
aa15d5ded58e1dcb2099806b996750c23c2bcb6026f9a5876a8a9ba0e86e5531
-
SHA512
a49312f62dae510f3f986508fe7dd500650afe95d2f6b92081f33c77636ff5d73c0b3fbcb6b3dc8120b8b83a95f8d82e46cf529263859ec2197f9bdf234b1bcf
-
SSDEEP
393216:gIBJiczqi8Alo2OtD6Zni1cOK8ZNK/WrH9PF2q5XFpBjFSF24S7ioXyj:RJ31z0VJOW79t2uXFp1FSE4AiCyj
Score8/10-
Drops file in Drivers directory
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-