General
-
Target
bInsta.exe
-
Size
220.2MB
-
Sample
240727-rw3bmaxarb
-
MD5
b877cb061d32cae2dd2b796998dfe99a
-
SHA1
ee6ba2c262fab087f2e760c65ec6a7375511df19
-
SHA256
5898cc041e8b1ae30a1939b542c6852b920fcb4ecd339de0c33d6817634c0b54
-
SHA512
0a709ee0e3459e0ff8489ec177f5007bc4356e88f67294457eb4bf36c3334f1db1e933a32c8715d52b02a5055d1ee469ce2147dc788b351445d7d9143b0512e4
-
SSDEEP
49152:I7Gmufzr8B1vZnSNVCoGaHcVVVVcUVJANG/sMAojVdJ:V3yr/2E
Malware Config
Targets
-
-
Target
bInsta.exe
-
Size
220.2MB
-
MD5
b877cb061d32cae2dd2b796998dfe99a
-
SHA1
ee6ba2c262fab087f2e760c65ec6a7375511df19
-
SHA256
5898cc041e8b1ae30a1939b542c6852b920fcb4ecd339de0c33d6817634c0b54
-
SHA512
0a709ee0e3459e0ff8489ec177f5007bc4356e88f67294457eb4bf36c3334f1db1e933a32c8715d52b02a5055d1ee469ce2147dc788b351445d7d9143b0512e4
-
SSDEEP
49152:I7Gmufzr8B1vZnSNVCoGaHcVVVVcUVJANG/sMAojVdJ:V3yr/2E
Score8/10-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-