General

  • Target

    Cracked.exe

  • Size

    186KB

  • Sample

    240621-tn9rva1erj

  • MD5

    3fdd5f2582169b6c1f20259cef6eaabd

  • SHA1

    a75c46ca845abcd24b4a7f2d896cd367658f023d

  • SHA256

    b03f5f46fb0912724c736fb8d413e1f67fc01217e94b05c1a105e8d5ec7c7f81

  • SHA512

    0218d2b47c4bdb593742cd027ac15d24336b9c20c1c61de8998faf9307695b46427fa2ebf99db4ebf62f14553117710581212a41b39e8cfa32649244c706dd14

  • SSDEEP

    3072:L4i+ZGd9SKc//n7P+WhtMcfIQ/TkR1ZM5W+E08:ov//nJ57kPKl

Score
10/10

Malware Config

Targets

    • Target

      Cracked.exe

    • Size

      186KB

    Score
    7/10
    • .NET Reactor protector

      Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

MITRE ATT&CK Enterprise v15

Tasks