Overview
Task scores:
overview: score 10
static: score 10
wentra/Guna.UI2.dll, windows7-x64: score 1
wentra/Guna.UI2.dll, windows10-2004-x64: score 1
wentra/Spoofer.exe, windows7-x64: score 1
wentra/Spoofer.exe, windows10-2004-x64: score 1
wentra/alperenxrq.exe, windows7-x64: score 3
wentra/alperenxrq.exe, windows10-2004-x64: score 7
wentra/run...nt.dll, windows7-x64: score 1
wentra/run...nt.dll, windows10-2004-x64: score 1

General
Target
wentra.rar
Size
11.3MB
Sample
240913-xynh5stemn
MD5
63eeb2449e6cb1e9896002f19064bb25
SHA1
2f863b7843cc900d53edf911a8efb76be847bfea
SHA256
8ddabb3123e9ce339e10e3a37e583be80b790b415bd81f28ec960e0741fb2784
SHA512
d8a4411128fa69ebb3f57c43f4fb4791a8f39e374c8c57b8d0cafd68848e592c50f463f04cf158df5eeba9dfa0710a937a1542691ad75a45199f578dea8c1ef4
SSDEEP
196608:woVbd8yDhv/3oSowudnYeJetj+B5IgxKo1/resVDdDlbH+riHqy5+Pm4ofn51:wkFaRbYHCMK31DZVBDlbHwYU6nX
Behavioral task
behavioral1
Sample
wentra/Guna.UI2.dll
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
wentra/Guna.UI2.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral3
Sample
wentra/Spoofer.exe
Resource
win7-20240704-en
Behavioral task
behavioral4
Sample
wentra/Spoofer.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral5
Sample
wentra/alperenxrq.exe
Resource
win7-20240903-en
Behavioral task
behavioral6
Sample
wentra/alperenxrq.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral7
Sample
wentra/runtimes/win/lib/net6.0/System.Management.dll
Resource
win7-20240903-en
Behavioral task
behavioral8
Sample
wentra/runtimes/win/lib/net6.0/System.Management.dll
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
wentra/Guna.UI2.dll
Size
2.1MB
MD5
fc5aba3c395c5f9098cb8e2f78e17022
SHA1
217061a89757a1d6eb976ad48fb9c93a7a58edcb
SHA256
cad8bb34cf070c10e995ebdb60d9d1b4e206bc763183a8cdfb29e17ffa30dd10
SHA512
148b275edaccd403ee7dcb70e959b29a22ed1c5f61b674afb94af6e9e6b010bb0a7dd9e964d2811dff9c2642a49bb278cc1a838a4f384f5648470187ee83936d
SSDEEP
49152:YTTFBySg6etzcwp8fB0hXGErGn9lut4XrgF0:irG8farRo
Score
1/10
Target
wentra/Spoofer.dll
Size
19KB
MD5
b14851dbf9c880fa7e82f473f039e27c
SHA1
6d75857683785ea7a521a276f208a2efd8ff8017
SHA256
592b6be347b53a82d76df7d97abf289ae5d5c816b863adb40aa9d6a5cbd63c61
SHA512
36a38bcebd99313a1a4fe7b766a5b5bb706c1bc7f80e938c8566fb399eabe186d0d556997af4744e4c2e3772e1de7fa209df26c35227c601f7ad9714b0b482f4
SSDEEP
384:RAZiqa8rhY8Jf9l2Dv9xAzbkKf+iFD7ePUkLPyPfkl+vzwjKqPeW:Ruiqaf8t9oubnPgUmwRW
Score
1/10
Target
wentra/alperenxrq.exe
Size
11.9MB
MD5
bc9ea1f205d6e0e52cffd65e0d5535c5
SHA1
275646802d56921b1f92231d27da935048f53864
SHA256
1bd7b1beeaba06d9f0edc6d8cf9a2f999b5b4db5a9a053ed0d9c1e06c4ee3aec
SHA512
ddd0a6c97688429645a53143801432638a29bb2f6a602fcd715e54e1f36b5ac62a4daa258495713657e3ef68d3b6964d3b08eb55f6a0d9dc2322c7af99d626f9
SSDEEP
196608:xJQNljpryeo6GdTbYFzLzpl80JXQT4EnbUaAf00BU3Yg7MPrDhdYTQ4ILDlL:XQNFpryrddTbYTlvJubUaT0cgPr1d5
Score
7/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Target
wentra/runtimes/win/lib/net6.0/System.Management.dll
Size
284KB
MD5
83cda4cc597e6a0b2ebbd1b8f41e94d3
SHA1
10415fa323a21d412eb36e583a98385088065d61
SHA256
aa474c96b9fd17cb3580d89bb8eb716cb1407c89026b5e8180402666eeeb766a
SHA512
ff7d869d416e3c47c082b8bd2d6907bbbe457d17d093cd84f66d42b978d143c088e008388041b440b01f7d82e373dde9b1b5c1acfd9553f98a63fa579d7ec8d2
SSDEEP
6144:HG17jgxtTSfK7JK7XUUmhOzZiRZHhGASipzvZhHcx:HG17jgfefK747ZmhOzZiRZH2wgx
Score
1/10