General
Target: 22-05-2024_pKihY9plZHttTVH.zip
Size: 11.2MB
Sample: 240522-gdg8madh4v
MD5: abf5bab880ae3a92ca9626cff24df97a
SHA1: 36a0173d0eae1667b944a793efeeaeee4f6a5515
SHA256: df5ba84155f8a99703f95509097a8d290d017702263436a429b9d3f6fd4ac8c1
SHA512: a6e7f8c991074640c8e7537d733dcb97f4f03d2ad8c9870dfa15a61d5d9b9b8c78d71474eecf5b773fbf0c5a41d9d0906a50cb6c93e22f5ff9940079d4a86137
SSDEEP: 196608:6OlbN7LcyE6Ds3PvgvBIZsqL5mJ5/toSAHTDCr5ytmQsimG5TBfaZ5wJPkmt4coV:Np74yEeGnc+Zsw+2HTmyci1TBfabqgmu
Behavioral task: behavioral1
Sample: CollapseLoader_1.2.4_CHEATER.FUN/CHEATER.FUN.url
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: CollapseLoader_1.2.4_CHEATER.FUN/CHEATER.FUN.url
Resource: win10v2004-20240426-en
Behavioral task: behavioral3
Sample: CollapseLoader_1.2.4_CHEATER.FUN/CollapseLoader_8dd66eb.exe
Resource: win7-20240221-en
Behavioral task: behavioral4
Sample: CollapseLoader_1.2.4_CHEATER.FUN/CollapseLoader_8dd66eb.exe
Resource: win10v2004-20240426-en
Malware Config
Targets
Target: CollapseLoader_1.2.4_CHEATER.FUN/CHEATER.FUN.url
Size: 46B
MD5: ff08f90a8c84c9a07e3a9f99225852a2
SHA1: bef8efaac1e01dafd8951f7ceca3adcc2152eab2
SHA256: 016e97e28f1b9dc53eec83bff19b249682dbc695f40840261c1f0f42b08f3c32
SHA512: 475bc83262577b2adc705150555af298fe60f85468d0b210202c43a6b1f7ccf7aed3c7a0aaa154caf12e655035ad94ea17ed00eae05aed948e312d8289c30144
Target: CollapseLoader_1.2.4_CHEATER.FUN/CollapseLoader_8dd66eb.exe
Size: 11.4MB
MD5: 90a7f4bf08814e1aa84505a1d8f0be18
SHA1: e2999b9afaf935b84ccdafa15977dc343946bb3a
SHA256: 6478bae99b72255a7456c49fae6d7ec6763e0a59ba0538e03505fe70c5d4156b
SHA512: dafd5243350e9731583449c03f3ce185d353db5921d66098838df9b8c5ebaac4a4ca10a035bf12523bc3f1bf357934d9b19f4263d4d524b1078b71edab5dacba
SSDEEP: 196608:2nxgeofXnxurErvI9pWjl1D1DEzx7sKbSE+cFAkj0WllG9o3nv1IbuNfvcnELKId:ljfBurEUWjP5EhyMIsv5VcYZd
Score: 7/10
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL