General
- Target: OperaGX.zip
- Size: 29.6MB
- Sample: 240602-2gtq2saf29
- MD5: 9c4235c9409028c3f1681eba9d59aafb
- SHA1: 28ef68f1363d23aea0cb91edd93637742aff957b
- SHA256: 7b53f65c9fa363b021a8f907eebe15993ad71fcfb9f6060664e8a22d735a99ff
- SHA512: aea6a850d7ba5a8ee9c35841a603bbd60d6487f2b28c3380b1fc9f9be6366d13e64a9752a51d92e7f8fd239bfdeea660342a36c88b583b03761e36f7d5bfbdd5
- SSDEEP: 786432:16XSfbpehupADvqs4VeFp+p3IxW04SpC+WwgIhs:gXSfYwAOiYYxW0DpC35j
Static task
- static1

Behavioral tasks (task: sample, analysis resource)
- behavioral1: OperaGX.zip, win7-20240508-en
- behavioral2: OperaGX.zip, win10v2004-20240426-en
- behavioral3: libcurl.dll, win7-20240508-en
- behavioral4: libcurl.dll, win10v2004-20240426-en
- behavioral5: loader.exe, win7-20240221-en
- behavioral6: loader.exe, win10v2004-20240426-en
- behavioral7: zlib1.dll, win7-20240508-en
- behavioral8: zlib1.dll, win10v2004-20240426-en
Malware Config

Targets

Target: OperaGX.zip (Score 1/10)
- Size: 29.6MB
- MD5: 9c4235c9409028c3f1681eba9d59aafb
- SHA1: 28ef68f1363d23aea0cb91edd93637742aff957b
- SHA256: 7b53f65c9fa363b021a8f907eebe15993ad71fcfb9f6060664e8a22d735a99ff
- SHA512: aea6a850d7ba5a8ee9c35841a603bbd60d6487f2b28c3380b1fc9f9be6366d13e64a9752a51d92e7f8fd239bfdeea660342a36c88b583b03761e36f7d5bfbdd5
- SSDEEP: 786432:16XSfbpehupADvqs4VeFp+p3IxW04SpC+WwgIhs:gXSfYwAOiYYxW0DpC35j
Target: libcurl.dll (Score 1/10)
- Size: 529KB
- MD5: a2fd1e624f52f6bbbad54ffe46095e72
- SHA1: 11aad3b1b30891b904afaebda45697d16374b5da
- SHA256: eb9788be011c43bb0326f20656741b7c40d7a9b2410c74d7209b7428fa87be21
- SHA512: cc3f3af270596ffaa241b552e7adef1c4d472d5fe194de456c84e06699734d44dccb0c43875249be24f71ded6e6204f8b8f5f4f6dde99a2b6d7f3f6b06180327
- SSDEEP: 12288:PrHez66UMsodY6d4CDbMjP55bgBFrwhS:PrHelUMsoSc4qba50F9
Target: loader.exe (Score 7/10)
- Size: 34.2MB
- MD5: 48e6cb56036d902b44fccbaafc5298df
- SHA1: 0343c0886317395a502ccaf5b036e5659a0b4b19
- SHA256: 3a6233746617a17b6c0f039bde1863e08364dce539da71fcf0100176ec3fd007
- SHA512: a359de5725d3f04e81a3e0a58950da7ee2d5ccc82c11f570711e8b87e602da1714d710a693f994ee727a31074b73661f6df1f9425064dcb1c3dc432ad163deed
- SSDEEP: 786432:zHpIrLvMphrdp+lqRmP3Y0wr+xtMVkJ5zBXCCp5o0khXZ:zIv6rG2m8Q8kJ5zBSCPo0

Signatures triggered by loader.exe:
- Checks computer location settings: looks up the country code configured in the registry, likely a geofence.
- Deletes itself
- Suspicious use of NtSetInformationThreadHideFromDebugger
Target: zlib1.dll (Score 1/10)
- Size: 87KB
- MD5: 336aa589ea0e4f435cd15d982773f0b4
- SHA1: e59afad43e0d13acff42b24113bdef36643e6ac1
- SHA256: ae031f0b42fe26dadd4a286234a1eab04aff7183d2bef21665ae33013f0662c6
- SHA512: ac164df6dd816fa58eab4c549bb80577bca1e2fc1fe172e7bb46f41533c5b7793a58038d0767a62af452a056d9f48654531aaf6fc94fa7f9a67b8dff42013da2
- SSDEEP: 1536:ybADHM2s2n17hEWUpDZ0CmZnl9dFIOcIOsXNilMd52YD:yMDHjs21xUpunvdPSsXN+MdIYD