General
-
Target
AmongusHack.exe
-
Size
202KB
-
Sample
250114-hbk26s1rem
-
MD5
5c39bb532bd116ae2c9e47528c9f81f3
-
SHA1
4af704758e4d281997df43811fcd759e4b3ea755
-
SHA256
09eeb778d2b787fb4a329923ce022d54c8b980213698d74487913700e40b5f1e
-
SHA512
18cd104f1d9ec1c6b52f0461d9cbba4483bad21074805e0e8c425045d77e439e795b19953964abc791f7b17dc7247d4481c2e4e6083019e8e5b4ca704682d320
-
SSDEEP
3072:gzEqV6B1jHa6dtJ10jgvzcgi+oG/j9iaMP2s/HI0aqPoOeRontyZEgszB8DYLJqE:gLV6Bta6dtJmakIM5pP1jMZIt8DffeLr
Malware Config
Extracted
nanocore
-
activate_away_mode
false
- backup_connection_host
- backup_dns_server
-
buffer_size
0
-
build_time
0001-01-01T00:00:00Z
-
bypass_user_account_control
false
- bypass_user_account_control_data
-
clear_access_control
false
-
clear_zone_identifier
false
-
connect_delay
0
-
connection_port
0
- default_group
-
enable_debug_mode
false
-
gc_threshold
0
-
keep_alive_timeout
0
-
keyboard_logging
false
-
lan_timeout
0
-
max_packet_size
0
- mutex
-
mutex_timeout
0
-
prevent_system_sleep
false
- primary_connection_host
- primary_dns_server
-
request_elevation
false
-
restart_delay
0
-
run_delay
0
-
run_on_startup
false
-
set_critical_process
false
-
timeout_interval
0
-
use_custom_dns_server
false
- version
-
wan_timeout
0
Targets
-
-
Target
AmongusHack.exe
-
Size
202KB
-
MD5
5c39bb532bd116ae2c9e47528c9f81f3
-
SHA1
4af704758e4d281997df43811fcd759e4b3ea755
-
SHA256
09eeb778d2b787fb4a329923ce022d54c8b980213698d74487913700e40b5f1e
-
SHA512
18cd104f1d9ec1c6b52f0461d9cbba4483bad21074805e0e8c425045d77e439e795b19953964abc791f7b17dc7247d4481c2e4e6083019e8e5b4ca704682d320
-
SSDEEP
3072:gzEqV6B1jHa6dtJ10jgvzcgi+oG/j9iaMP2s/HI0aqPoOeRontyZEgszB8DYLJqE:gLV6Bta6dtJmakIM5pP1jMZIt8DffeLr
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-