General
Target: 3.5.5_46010.exe
Size: 2.0MB
Sample: 240701-ew9dqayhrp
MD5: f5f6abd3de579fc72ff366ff51465f93
SHA1: 1029fa9840deb853838bee703e15ceba7da9cd40
SHA256: 4b0da03a819d6fd43e4632521e98e5b7206343fb88fc84ab120255a9ab530d1a
SHA512: a3f6d361bf9b7dcb50d0fc73f1c962a81d7042c61cf7b511989a1bd71518b23f929aae0bd677f3777913d42db9bb138585a1da4ef28c528cbe819b2dee7df16d
SSDEEP: 49152:jZGd9L1Y8nISQ/a7ViQGWGUAqj+Olh75rlQZi3+gd:ML1hISQ/aByKAFOlh75rSZkd

Behavioral task
behavioral1
Sample: Device/HarddiskVolume5/USERS/Administrator/AppData/Local/Temp/HYDF2AB.tmp.1644086939_permissionsCopy/updates/3.5.5_46010.exe
Resource: win7-20240508-en

Malware Config

Targets
Target: Device/HarddiskVolume5/USERS/Administrator/AppData/Local/Temp/HYDF2AB.tmp.1644086939_permissionsCopy/updates/3.5.5_46010.exe
Size: 2.0MB
MD5: 3dffcaaffa5b777a02aa531f5bad41e7
SHA1: 70afb27f75f612710181e0069a1d59690e1528db
SHA256: e30d28b6fe4eea1e4d7390897897f6beecb5c805bba810c5b1119e48272947f6
SHA512: 5bb726fbc57b6b831084d6f58c949a878df2ea39fff9c2bd0df209bebad90c98a4cfb2290b89440313641f51c9fdfa171fe05f58599f839629bac17cb2faa299
SSDEEP: 24576:Gebxzp1tSXaXpzKCIUSKZl7fBlX9mlln2OCehr/kYoFlUo5SEFW31alR1AEdxWmU:xbf10asOltltckTe96m3ETxW21nuxC

Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.