General
-
Target
Z-Launcher-GPS5.exe
-
Size
1.6MB
-
Sample
240925-y2eabayeqe
-
MD5
e6db71cc80920480219f16c0c54013c7
-
SHA1
4c7370868e5187d5d017c69df552dd809b76c1a2
-
SHA256
5b9a78809c6718019832322023e94982761032adb51e1a44ba139d4f63369542
-
SHA512
0b229b4b3e2cac3cd25748af0cbcc37840825b2d4f9d098e97e183f2f763fe240d0df89ef98a8c19c32e4cee61145d9e6f478598b6598384b6035ab714ebce55
-
SSDEEP
49152:TkTq24GjdGSiqkqXfd+/9AqYanieKdsfM:T1EjdGSiqkqXf0FLYWC
Behavioral task
behavioral1
Sample
Z-Launcher-GPS5.exe
Resource
win10-20240404-en
Behavioral task
behavioral2
Sample
Z-Launcher-GPS5.exe
Resource
win7-20240903-en
Behavioral task
behavioral3
Sample
Z-Launcher-GPS5.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral4
Sample
Z-Launcher-GPS5.exe
Resource
win11-20240802-en
Malware Config
Extracted
stealerium
https://discord.com/api/webhooks/1279142597218013264/8mlljrcp8pu-na1Kxr-pwaQv-IeIN4qXz3iwqKTXrY-DPCA89wjqOAQeRKn7qMqu3BR6
Targets
-
-
Target
Z-Launcher-GPS5.exe
-
Size
1.6MB
-
MD5
e6db71cc80920480219f16c0c54013c7
-
SHA1
4c7370868e5187d5d017c69df552dd809b76c1a2
-
SHA256
5b9a78809c6718019832322023e94982761032adb51e1a44ba139d4f63369542
-
SHA512
0b229b4b3e2cac3cd25748af0cbcc37840825b2d4f9d098e97e183f2f763fe240d0df89ef98a8c19c32e4cee61145d9e6f478598b6598384b6035ab714ebce55
-
SSDEEP
49152:TkTq24GjdGSiqkqXfd+/9AqYanieKdsfM:T1EjdGSiqkqXf0FLYWC
Score10/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Legitimate hosting services abused for malware hosting/C2
-