General
-
Target
fuckwindows.exe
-
Size
1.2MB
-
Sample
240801-zexc2swdjm
-
MD5
b7d46750f79414071608eade6e3cf86f
-
SHA1
f81836e5d5a74501121d8df1588ffb7d08db7fcc
-
SHA256
51320fc26470e2643312364f34f1ae13e147aadc6d593c5d012aa4785e144b75
-
SHA512
ac64b526004f9716ebd9f5108811cd063ad6e5c9424e7f404aaddabcb3f5275ff066a0642befbb4b82a185405f023103e9fc510fbd891cbc1675b82a9481023a
-
SSDEEP
24576:wQnZkrl1PGVuyhd9tBDgYW9sVTHzw9ulgUTYqwQ4co+y8BrVRHKV9OuVGawkU5dv:HTYYD4Hw
Static task
static1
Behavioral task
behavioral1
Sample
fuckwindows.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
fuckwindows.exe
Resource
win10v2004-20240730-en
Malware Config
Targets
-
-
Target
fuckwindows.exe
-
Disables RegEdit via registry modification
-
Disables Task Manager via registry modification
-
Possible privilege escalation attempt
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Modifies file permissions
-
File and Directory Permissions Modification: Windows File and Directory Permissions Modification
-
Sets desktop wallpaper using registry
-