General
-
Target
ef719443af1e1e189bf5ef3246ae5ad6f9f70096448b2806e67a34ba1effd361.exe
-
Size
3.3MB
-
Sample
240610-fbrtlscb8z
-
MD5
17d98b424680c9936bf9d6499176ff0f
-
SHA1
4269825eed0f659ca8ad112e87350f737ee9e763
-
SHA256
ef719443af1e1e189bf5ef3246ae5ad6f9f70096448b2806e67a34ba1effd361
-
SHA512
62e0909f893db0401ccf92c8e0b6644c4beabc67fd193e61ffcea2091ae00b233551996c7aef53b68915bb9ba3a0564b7f38e39004b203c494c7703865f2c15e
-
SSDEEP
98304:yd8kA91J8veiW1dfkE716Hb+Lm9yWN9+J:dkA9r87WrkS16HiLUX+J
Static task
static1
Behavioral task
behavioral1
Sample
ef719443af1e1e189bf5ef3246ae5ad6f9f70096448b2806e67a34ba1effd361.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
ef719443af1e1e189bf5ef3246ae5ad6f9f70096448b2806e67a34ba1effd361.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
Target
ef719443af1e1e189bf5ef3246ae5ad6f9f70096448b2806e67a34ba1effd361.exe
-
Score
9/10
-
Detects executables packed with unregistered version of .NET Reactor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-