General
-
Target
49d95fac7f3b43346606b9baf069d690b6b70458538646ffc70179ff19dfb3c7
-
Size
329KB
-
Sample
240529-hynftafc96
-
MD5
9ff15ec14128636b184e8e6acb5d28d6
-
SHA1
e0361d1db998c9def637119a3f8c6b5c02f36512
-
SHA256
49d95fac7f3b43346606b9baf069d690b6b70458538646ffc70179ff19dfb3c7
-
SHA512
ff890c0a0fa4a13414c5dd6ec7c71cfde63385cf79759af824aeb779e22ecb039d7727599f5b7373695496acd9967302f8579fa18a7017d94d39cfd47783fb52
-
SSDEEP
6144:ZOMYg52+e781ZJ5W3L8jxcKHoBOK8hbzhHy+CA/dLd:ZOMe7Q5W3AHoBSFhS+
Static task
static1
Behavioral task
behavioral1
Sample
49d95fac7f3b43346606b9baf069d690b6b70458538646ffc70179ff19dfb3c7.exe
Resource
win7-20240508-en
Malware Config
Extracted
gcleaner
185.172.128.90
5.42.64.56
185.172.128.69
Targets
Target
49d95fac7f3b43346606b9baf069d690b6b70458538646ffc70179ff19dfb3c7
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Loads dropped DLL
-