General
-
Target
Aslains_WoT_Modpack_Installer_v.1.25.0.0_06.exe
-
Size
86.6MB
-
Sample
240612-tyx6ssvgpj
-
MD5
ed9ab4e0ed962f99932b6e7f8faf47e2
-
SHA1
1e807734a870532f614bda76e10404dede8b5be0
-
SHA256
298ea38b10a5183d5a9a7cabddcd96eafdab85373c1b5d75ca62aafb409f4153
-
SHA512
5c53ae90e6e3b81bf3a1260df5d424e7714bbc6f67c428b975b53a4eb0c526c6047d903f7a94ac2b410427959f7d5a62fb7840bcbce2131566b5a61d1581dc21
-
SSDEEP
1572864:Y0VW+AaqS/2icSqXnuc0fMikG6RBJ5ZQealtaSIJFghg:rRqS/2iy/iJwQeaXavwhg
Static task
static1
Behavioral task
behavioral1
Sample
Aslains_WoT_Modpack_Installer_v.1.25.0.0_06.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
Aslains_WoT_Modpack_Installer_v.1.25.0.0_06.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
Aslains_WoT_Modpack_Installer_v.1.25.0.0_06.exe
-
Size
86.6MB
-
MD5
ed9ab4e0ed962f99932b6e7f8faf47e2
-
SHA1
1e807734a870532f614bda76e10404dede8b5be0
-
SHA256
298ea38b10a5183d5a9a7cabddcd96eafdab85373c1b5d75ca62aafb409f4153
-
SHA512
5c53ae90e6e3b81bf3a1260df5d424e7714bbc6f67c428b975b53a4eb0c526c6047d903f7a94ac2b410427959f7d5a62fb7840bcbce2131566b5a61d1581dc21
-
SSDEEP
1572864:Y0VW+AaqS/2icSqXnuc0fMikG6RBJ5ZQealtaSIJFghg:rRqS/2iy/iJwQeaXavwhg
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-