General
-
Target
Cracked.exe
-
Size
186KB
-
Sample
240621-tn9rva1erj
-
MD5
3fdd5f2582169b6c1f20259cef6eaabd
-
SHA1
a75c46ca845abcd24b4a7f2d896cd367658f023d
-
SHA256
b03f5f46fb0912724c736fb8d413e1f67fc01217e94b05c1a105e8d5ec7c7f81
-
SHA512
0218d2b47c4bdb593742cd027ac15d24336b9c20c1c61de8998faf9307695b46427fa2ebf99db4ebf62f14553117710581212a41b39e8cfa32649244c706dd14
-
SSDEEP
3072:L4i+ZGd9SKc//n7P+WhtMcfIQ/TkR1ZM5W+E08:ov//nJ57kPKl
Behavioral task
behavioral1
Sample
Cracked.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
Cracked.exe
-
Size
186KB
-
MD5
3fdd5f2582169b6c1f20259cef6eaabd
-
SHA1
a75c46ca845abcd24b4a7f2d896cd367658f023d
-
SHA256
b03f5f46fb0912724c736fb8d413e1f67fc01217e94b05c1a105e8d5ec7c7f81
-
SHA512
0218d2b47c4bdb593742cd027ac15d24336b9c20c1c61de8998faf9307695b46427fa2ebf99db4ebf62f14553117710581212a41b39e8cfa32649244c706dd14
-
SSDEEP
3072:L4i+ZGd9SKc//n7P+WhtMcfIQ/TkR1ZM5W+E08:ov//nJ57kPKl
Score7/10-
.NET Reactor proctector
Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-