General
Target: fuckwindows.exe
Size: 1.2MB
Sample: 240801-zptd5szhmg
MD5: 816c5a325484587fe43c4be313cf412b
SHA1: 76847fb310a648d81933ece3866a5e12879fc272
SHA256: 62dc61ec97bd58357a532b3392a6bed9b562f3d4902fd10a7f7ee91c5d536475
SHA512: db0850b791588676e52c211d8e88c6cde7241936a6980ce055f72c0598f5324371c776c86632dc4a2de591d7805adf44e938937298a394bb085f4779a2668cbb
SSDEEP: 24576:WQnZkrl1PGVuyhd9tBDgYW9sVTHzw9ulgUTYqwQ4co+y8BrVRHKV9OuVGawkU5dl:lTYYD4Hw
Static task: static1
Behavioral task: behavioral1
  Sample: fuckwindows.exe
  Resource: win10v2004-20240730-en
Behavioral task: behavioral2
  Sample: fuckwindows.exe
  Resource: win11-20240730-en
Malware Config
Targets
- Disables RegEdit via registry modification
- Disables Task Manager via registry modification
- Possible privilege escalation attempt
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Modifies file permissions
- File and Directory Permissions Modification: Windows File and Directory Permissions Modification
- Sets desktop wallpaper using registry