General
Target: free-alarm-clock-5.2-installer_2n-x4b2.exe
Size: 1.7MB
Sample: 240527-m7m9mahb9y
MD5: 5552181f905c874affb3c251067001e2
SHA1: d4203fbda5da49b4ea470ebcbd464cc7f7985641
SHA256: ca5f29cf7a96b1d85c923df3d56e5f35c6c298d4c977cf7c22989d27fac22c79
SHA512: f7a4e3e1a748709f1cf696ebd49be429c8a6917e3be6596d852f6fca5e38f1a41da7932a58805f5bbf890a9848f38191212c324419c453c74e4a0765a34b27db
SSDEEP: 24576:n7FUDowAyrTVE3U5F/7OW7AmdQNxCzPktCJzO4PNQTQqeCR/7IXfETX:nBuZrEUGWxwoBO4PCsbsDoEj
Static task: static1
Behavioral task: behavioral1
Sample: free-alarm-clock-5.2-installer_2n-x4b2.exe
Resource: win10-20240404-en
Malware Config
Targets
Target: free-alarm-clock-5.2-installer_2n-x4b2.exe
Signatures
- Cobalt Strike reflective loader: Detects the reflective loader used by Cobalt Strike.
- Drops file in Drivers directory
- Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
- Adds Run key to start application
- Downloads MZ/PE file
- Modifies powershell logging option
- AutoIT Executable: AutoIT scripts compiled to PE executables.
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Drops file in System32 directory