General
-
Target
genarox_v4.2.zip
-
Size
76.1MB
-
Sample
240702-p9cl1sxekn
-
MD5
e36cf0059f592442edcb62196d8da290
-
SHA1
1ad6202bbc5b16698ba71d943755de1b7a794c1c
-
SHA256
1c27bb3c8350f69a270a2e3b347c7ac4aee76e91026ea4b4631bcabe0b94b82d
-
SHA512
33f12a579d656779bc24c32b4a8c32711c589dbe09b77717dd682ae88fd7dbaee7118552369dbb7db5cd6c814704f5291cddd15e2430ecab88a400015376f57c
-
SSDEEP
1572864:RbSmOlS6u0qKPiXFGfRxGKbSc6x6T9fI+ogDQZXmh2iMWFzb396zxa1:Rb7O5u0BqVqQgSK5z/QuMWNwxa1
Malware Config
Targets
-
-
Target
genarox/genarox_v4.2.exe
-
Size
76.5MB
-
MD5
76f2c5ab9d6e1f9fdd92ee986c4ee3d9
-
SHA1
31f8e31d42cadd74dde0265a1d0d79787510746a
-
SHA256
4188a4362ce6ea9129d9ad03db84be4500bfbc3074b3cff9e3390961df6bbbc4
-
SHA512
64d69cc70796205b018c5473d30d82b690ac1cf0f87515d7743072e5ac56e50545f6571a49aeb3943f87329ddd587d37ceb83a0e5bb0cefdf385a14cb5dfbaaf
-
SSDEEP
1572864:vviEKlF2Sk8IpG7V+VPhqYdfME7ZlH/iYweyJulZUdgu0WVvj1GGRqZ9U:vvZKqSkB05awcfvdQpuK0c7c9U
Score9/10-
Enumerates VirtualBox DLL files
-
Command and Scripting Interpreter: PowerShell
Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
-
Sets file to hidden
Modifies file attributes to stop it showing in Explorer etc.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-