Resubmissions
01-10-2024 17:39
241001-v8rx7sscln 801-10-2024 17:29
241001-v232ws1hlr 801-10-2024 17:27
241001-v1w7ys1gpp 801-10-2024 17:27
241001-v1kh6avgnh 301-10-2024 17:23
241001-vyawya1fmk 1001-10-2024 17:21
241001-vw3h6sveqg 401-10-2024 16:56
241001-vf6wnatgrb 801-10-2024 16:43
241001-t8m4kstdkh 1001-10-2024 16:06
241001-tkjq9ayanl 6General
-
Target
gridIcon.1d8a85f3.svg
-
Size
293B
-
Sample
241001-vf6wnatgrb
-
MD5
1d8a85f34abd62b14d14839dfc8c61fc
-
SHA1
ce4656701f932004cb94519e610f888f8b22ccef
-
SHA256
e0a95ac99f393fd7815f43de65beaef59bacd5d6af1a394688ad88ec2984edfc
-
SHA512
b560c2023f0590c4da329c245ff1259a285fb969686a3c10861f3c829cd53f800f98c8768c4f6a8b6f08f9fa4d2a57472958765fd24aace6427e11824238a0a2
Malware Config
Targets
-
-
Target
gridIcon.1d8a85f3.svg
-
Size
293B
-
MD5
1d8a85f34abd62b14d14839dfc8c61fc
-
SHA1
ce4656701f932004cb94519e610f888f8b22ccef
-
SHA256
e0a95ac99f393fd7815f43de65beaef59bacd5d6af1a394688ad88ec2984edfc
-
SHA512
b560c2023f0590c4da329c245ff1259a285fb969686a3c10861f3c829cd53f800f98c8768c4f6a8b6f08f9fa4d2a57472958765fd24aace6427e11824238a0a2
Score8/10-
Downloads MZ/PE file
-
Sets file to hidden
Modifies file attributes to stop it showing in Explorer etc.
-
ASPack v2.12-2.42
Detects executables packed with ASPack v2.12-2.42
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Legitimate hosting services abused for malware hosting/C2
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-