Resubmissions
13-06-2024 00:15
240613-ajydgawgpc 7General
-
Target
Galaxy Swapper v2.exe
-
Size
10.7MB
-
Sample
240604-cjk49ahf71
-
MD5
3cf7f11e3da78eeb96c558bee781298d
-
SHA1
f7adb2a33d3697da995f23cad6351434508bac3d
-
SHA256
87d6a5343b80cf6fb434dca7f7efe2be542974d83756bdb7774750d8f0d5dbbf
-
SHA512
3684763cd3351c324474d5b081fa791ae5eb29b3d8fa22bc5b1e929617d4badcd563ed620eb1ac1f2265c571660d3bae8eb3caf120cb1d276a3b4c9c0f274661
-
SSDEEP
196608:QcjhofUFS3J3w25ffH9tOb6Ye2BZiHhWWiVbMOVvu8ovcLFwi8:QAofdztLGicWiVbMOVvuxvcL+i8
Static task
static1
Behavioral task
behavioral1
Sample
Galaxy Swapper v2.exe
Resource
win10-20240404-en
Malware Config
Targets
Score
8/10
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-