General
Target: IS.Setup.exe
Size: 17.5MB
Sample: 240525-qznf7sed8z
MD5: f48ca4a6e5457dbb41d8de929da88c7c
SHA1: 2908ae49cdaa4489ed80f25b8096bd79fb77ee42
SHA256: 84dab96a11da002f640ba371f218c49fc3c13d192b9ffbae63cea45bf572ef2d
SHA512: a46e8e2fa8bb5f8f1c4158546c11c4b531047706ef4eb45bb288096d02d3d6212f4d92a13fb3d6402296256947558c470433ebcc9068f0a5712f9070e39b1bdd
SSDEEP: 393216:uDaEVkpOv6htaoWh9ObpTX/6CIzOTIyzuKZ7KivthRc9Tn1:VxRtaoq9ObpTX/Lr/vthRGTn1
Static task: static1
Behavioral task: behavioral1
Sample: IS.Setup.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: IS.Setup.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: IS.Setup.exe
Score: 8/10
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
Legitimate hosting services abused for malware hosting/C2