General

  • Target

    Combo Editor by xRisky v1.0.rar

  • Size

    2.1MB

  • Sample

    240825-m85kas1drb

  • MD5

    879b354e3130c9b9d881f06e8bbb0157

  • SHA1

    58f8892e310232bcf6684de76ada23d6e17e48e7

  • SHA256

    28240cbd82865480b8d1e29901c552ed84b2ee8a86eaa421de5ec96b364cdee9

  • SHA512

    8cc1f8804cc084971200b6ca6dc8555a14340e28aa90aa9921f9e4b470fee5288c0ae08a5616d2f4dc4f3e56649772c732b87f10800def041135cf1d1ed4359a

  • SSDEEP

    49152:s/BNa7nbedY5ZhWXx7Bwqj2gsfcfYOZihWc6kYaDSYeud+ZYKXmA:e8Gmvhk7BwmDsyYWiIc6kYLnuAUA

  • Score

    7/10

Malware Config

Targets

    • Target

      Combo Editor by xRisky v1.0/Combo Editor by xRisky.exe

    • Size

      3.0MB

    • MD5

      c094249efe9a74c2b2d8dd6f751da502

    • SHA1

      fcb0b3cdcb924713a1de03fc4442ed7e6b80a0a9

    • SHA256

      cfb6f1970d72a68f758fa867ad90afd4c32f12be2efb751d658e60aee37f51fc

    • SHA512

      4adb1a6fcff5e77b9c56d728e7ee6dff57aa92bc4be63024660c8807b1a71fbb5a5a19059e45338d4cea771f1a4b1b2119c7596ed27c680a78be41250924ee43

    • SSDEEP

      49152:oITh90Nac2vLNgeryROCmmfn8jopu+wlIRK9GOi3iUJVNR97N:i2DNgery8aun2mGOei+NN

    • Score

      7/10

    • Obfuscated with Agile.Net obfuscator

      Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

    • Target

      Combo Editor by xRisky v1.0/YouTube.lnk

    • Size

      1KB

    • MD5

      c7056a1f92245eec9e5ca71f406c4811

    • SHA1

      dfd0cf087771943aa92e7e88114e993234425d8b

    • SHA256

      bde117478e44d3aa7d55122cf450f10b5af74cfb4ce82ae4fc6fb7dd414c2469

    • SHA512

      640987725389f98a39892bdb03dbb59f316227b6611c488665f2d166bd8434b34b86ad1d784c9b750e9d57b031ea1c1522be37822111683e2e8762213cfefa2c

    • Score

      7/10

    • Checks computer location settings

      Looks up the country code configured in the registry, likely used for geofencing.

MITRE ATT&CK Enterprise v15

Tasks