General
Target: 7d14f313d6eaa2f51f88db7efd30e51c
Size: 291KB
Sample: 240128-pabwfacael
MD5: 7d14f313d6eaa2f51f88db7efd30e51c
SHA1: 9d1c9c48c4a068e59add46dbcb39c5028dbd4296
SHA256: 89c7d67923732b02cc739b0ace4927a2ecbb8f37f46072fb00896f33683b05dd
SHA512: 9bb921c66c8b6c36d4270f5967a2195a129e9fe89b51a230855d28a8458b7ae5682af40826a4035d4dac18be80d0022d650c3d6e62364724c8c224eea6098714
SSDEEP: 6144:wqQDhqYPR4+n1XpnHRd7uvEKoY2axlZlkvbVGwh:wqQAYxn1XFHRd7uEKoSTrwh
Behavioral task: behavioral1
Sample: 7d14f313d6eaa2f51f88db7efd30e51c.exe
Resource: win7-20231129-en
Malware Config
Extracted
vulturi
http://45.95.203.139:5050/gate
c2_encryption_key: RW0cRe5Zs02XCURF84ns2Q
c2_user: root
Targets
-
Vulturi payload
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Deletes itself