General
-
Target
Romper_V5.rar
-
Size
15.4MB
-
Sample
240701-bk3v1s1gpa
-
MD5
ea7ac7ffdf4113b8e55a47d1db198c4d
-
SHA1
3a8478fc2c6e139c0c46e7895e40578d3dad6640
-
SHA256
291f746c2eb1c7f1c979899d9a61c44b8f3085622f0b311cfa99fc0e584b1aac
-
SHA512
2c1c2430c00e22a8353fbf15901451e68e6e65755823b6707888a27ba48e3309a41192fd7fb99b1c4ba36d9aa30c1846d128bc73b996139addd73bd17c43986b
-
SSDEEP
393216:7St/d1JizuGcSB+u4Fn2NfZb8UmVbWvS4RmVCN+MV8:mRdOzu4+5n2NLmVbMS4QVOrV8
Behavioral task
behavioral1
Sample
Romper V5/Romper V5.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
Romper V5/Romper V5.exe
Resource
win10v2004-20240611-en
Behavioral task
behavioral3
Sample
Romper V5/Romper V5/Romper V5.exe
Resource
win7-20240221-en
Behavioral task
behavioral4
Sample
Romper V5/Romper V5/Romper V5.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
Romper V5/Romper V5.exe
-
Size
30.1MB
-
MD5
20ccae603d435aab174b7b7e46ac7189
-
SHA1
c4c34d0a46c2f9532596f6dcb6fb86cc44046ab7
-
SHA256
cf675be72d39b1ee645b19bdbebbc615d6787d3f1c0e7ca9e2ef7c4396a7764b
-
SHA512
69658a3e15a9885691098976b89e8e2dd2936cbc78f0f0d58400dbf98fa14c4e170f9180b1ab130cc796b3a4b4245879e8406860770e03f3223a01d25532beb9
-
SSDEEP
786432:GW+e569MZLW+e569MuW+e569MgjW+e5i9M:GW+enhW+enuW+engjW+ev
Score
8/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
-
-
Target
Romper V5/Romper V5/Romper V5.exe
-
Size
30.1MB
-
MD5
20ccae603d435aab174b7b7e46ac7189
-
SHA1
c4c34d0a46c2f9532596f6dcb6fb86cc44046ab7
-
SHA256
cf675be72d39b1ee645b19bdbebbc615d6787d3f1c0e7ca9e2ef7c4396a7764b
-
SHA512
69658a3e15a9885691098976b89e8e2dd2936cbc78f0f0d58400dbf98fa14c4e170f9180b1ab130cc796b3a4b4245879e8406860770e03f3223a01d25532beb9
-
SSDEEP
786432:GW+e569MZLW+e569MuW+e569MgjW+e5i9M:GW+enhW+enuW+engjW+ev
Score
8/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-