182986e90e0444d5c1716b87ffafe0e7991343ee7696d3f3d404c12fff15b7ca

Sharing

Copy URL

Twitter E-mail

General

Target

netmarble_7dsgb_A_installer_80943.exe
Size

241KB
Sample

240523-a2fw5sfc72
MD5

225a61fe34aa8cc9aa114510cd80e24a
SHA1

5c70d05b61a7c1912933f0ebb4f3efaa1482f496
SHA256

182986e90e0444d5c1716b87ffafe0e7991343ee7696d3f3d404c12fff15b7ca
SHA512

734f03656ad3f80313a02d51ba34840bd7e794974b3d48c4fa3e949d8d48a9f0a4a4aae1e65b07a9bbba0e9cc4a51b1b74af09659029d543c4610b51cf2e3f2a
SSDEEP

3072:dbG7N2kDTHUpouAw9aXCvLIaSQmjWAKp3dIcW4PdWlr2tvhOEA1RJCir86SrSrvh:dbE/HU4aaXCTp8ImcpFe2t0EyL+hc

Score

8^/10

Malware Config

Targets

- Target
  
  netmarble_7dsgb_A_installer_80943.exe
- Size
  
  241KB
- MD5
  
  225a61fe34aa8cc9aa114510cd80e24a
- SHA1
  
  5c70d05b61a7c1912933f0ebb4f3efaa1482f496
- SHA256
  
  182986e90e0444d5c1716b87ffafe0e7991343ee7696d3f3d404c12fff15b7ca
- SHA512
  
  734f03656ad3f80313a02d51ba34840bd7e794974b3d48c4fa3e949d8d48a9f0a4a4aae1e65b07a9bbba0e9cc4a51b1b74af09659029d543c4610b51cf2e3f2a
- SSDEEP
  
  3072:dbG7N2kDTHUpouAw9aXCvLIaSQmjWAKp3dIcW4PdWlr2tvhOEA1RJCir86SrSrvh:dbE/HU4aaXCTp8ImcpFe2t0EyL+hc
Score

8^/10

discovery evasion execution
- Modifies Windows Firewall
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/INetC.dll
- Size
  
  25KB
- MD5
  
  40d7eca32b2f4d29db98715dd45bfac5
- SHA1
  
  124df3f617f562e46095776454e1c0c7bb791cc7
- SHA256
  
  85e03805f90f72257dd41bfdaa186237218bbb0ec410ad3b6576a88ea11dccb9
- SHA512
  
  5fd4f516ce23fb7e705e150d5c1c93fc7133694ba495fb73101674a528883a013a34ab258083aa7ce6072973b067a605158316a4c9159c1b4d765761f91c513d
- SSDEEP
  
  384:pjj9e9dE95XD+iTx58Y5oMM3O9MEoLr1VcQZ/ZwcSyekMRlZ4L4:dAvE90GuY2tO93oLrJRM7Z4E
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/StdUtils.dll
- Size
  
  100KB
- MD5
  
  c6a6e03f77c313b267498515488c5740
- SHA1
  
  3d49fc2784b9450962ed6b82b46e9c3c957d7c15
- SHA256
  
  b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e
- SHA512
  
  9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803
- SSDEEP
  
  3072:WNuZmJ9TDP3ahD2TF7Rq9cJNPhF9vyHf:WNuZ81zaAFHhF9v
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  7KB
- MD5
  
  675c4948e1efc929edcabfe67148eddd
- SHA1
  
  f5bdd2c4329ed2732ecfe3423c3cc482606eb28e
- SHA256
  
  1076ca39c449ed1a968021b76ef31f22a5692dfafeea29460e8d970a63c59906
- SHA512
  
  61737021f86f54279d0a4e35db0d0808e9a55d89784a31d597f2e4b65b7bbeec99aa6c79d65258259130eeda2e5b2820f4f1247777a3010f2dc53e30c612a683
- SSDEEP
  
  96:J9zdzBzMDByZtr/HDQIUIq9m6v6vBckzu9wSBpLEgvElHlernNQaSGYuH2DQ:JykDr/HA5v6G2IElFernNQZGdHW
Score

3^/10
behavioral7 behavioral8