General
- Target: EaseUS Data Recovery Wizard Crack (SileCrack).rar
- Size: 5.0MB
- Sample: 240702-r1j1vaxble
- MD5: 97695df73f8d88325d9b577d6c9d9fa0
- SHA1: 7287704a75b97b56a0fc101cf791ea926019ac7f
- SHA256: 68d08c983edad3cc12f76b4535717c5311c89b26700bf86a8843e48997b04f35
- SHA512: e8281b096ca7ee371d2abb9bad960d5dc60d101a6dc57b3dcd82f4cdcbdef07220befd4c1b08c56b480002e0eea44bf71d0aa3907dc379b6761f161e86c7d318
- SSDEEP: 98304:45aYlU9dV2TFT1Z92XtHRK+SRF8t/GNah2GamLyFxo43exQN4ZF:IlU9Ip1jl+bsNuDax7i0U
Static task: static1
Behavioral task: behavioral1
Sample: EaseUS Data Recovery Wizard Crack (SileCrack).exe
Resource: win7-20240611-en
Malware Config
Extracted
lumma
https://potterryisiw.shop/api
https://foodypannyjsud.shop/api
https://contintnetksows.shop/api
https://reinforcedirectorywd.shop/api
Targets
- Target: EaseUS Data Recovery Wizard Crack (SileCrack).exe
- Size: 5.1MB
- MD5: c13127f97d08d608b829c5a5ac8a26ae
- SHA1: e420560091ecae1aff6eb0da906d4b3173f78f65
- SHA256: 4727831057d964540e10b26e564a8106b5d135647b95cf1f52008ae078e65686
- SHA512: c0d5b234089a3ea19038025508e65998f66313284c87aba3988bd026522c84697dc2dc3e132da7812a06d5d89c5597d6d14a7389b88f196637fec34750e75d44
- SSDEEP: 98304:ysu9jR+khQvUjPjXrOkxoQhFXY2IAde4qshPJ80yRLZKkAU:ybjskesjvNVhFXUAA1shPJ80SwU
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of SetThreadContext