General
-
Target
InstallPack.exe
-
Size
2.7MB
-
Sample
241012-lk4gnaycqp
-
MD5
5f9078498963ebf623ba49b80305e7d9
-
SHA1
63d673cc10a9cb6e0e92598924171c0430d466a3
-
SHA256
0a88c9a568f3b24eb6e3d8cb54c2df16f2ad125ab5f8da97892ce771ec5efc81
-
SHA512
832b666c1d1b03f181083b5bedf1c0aecaac00799b90fe7708e03934025f885520c14e08030133e217f398ecdefc5a2186e89445a435abacbe91b0f96e3bce18
-
SSDEEP
49152:hdW6Crj66mw3aeuVBoRpovnQ28YpKraZkzeqIFq/wydnEbHYG9PZkn0ngRF+LvNK:hdyrGsa3OOQ2/pK+q6MHJuHYqPZkn0nI
Static task
static1
Behavioral task
behavioral1
Sample
InstallPack.exe
Resource
win7-20241010-en
Malware Config
Targets
-
-
Target
InstallPack.exe
-
Size
2.7MB
-
MD5
5f9078498963ebf623ba49b80305e7d9
-
SHA1
63d673cc10a9cb6e0e92598924171c0430d466a3
-
SHA256
0a88c9a568f3b24eb6e3d8cb54c2df16f2ad125ab5f8da97892ce771ec5efc81
-
SHA512
832b666c1d1b03f181083b5bedf1c0aecaac00799b90fe7708e03934025f885520c14e08030133e217f398ecdefc5a2186e89445a435abacbe91b0f96e3bce18
-
SSDEEP
49152:hdW6Crj66mw3aeuVBoRpovnQ28YpKraZkzeqIFq/wydnEbHYG9PZkn0ngRF+LvNK:hdyrGsa3OOQ2/pK+q6MHJuHYqPZkn0nI
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-