General
Target: 63a99ccfdc930abf9e0f91812ab262061124dda7182e1aecfda2aeaab35e467c
Size: 251KB
Sample: 201106-zp6azp7vfj
MD5: 871e48f28ac21f11460f540b2bca3ce3
SHA1: c536afca338c94f29efb91a4cf93bb1c3907b86c
SHA256: 63a99ccfdc930abf9e0f91812ab262061124dda7182e1aecfda2aeaab35e467c
SHA512: 99c965f09325ec7532f0581452dfa5934b1054ad3d1b844e4c55d7db851d7c32552bd34d6dec308d8b712213f11f33c4929ed7170326071b00d698069e18d142
Static task: static1
Behavioral task: behavioral1
Sample: 63a99ccfdc930abf9e0f91812ab262061124dda7182e1aecfda2aeaab35e467c.exe
Resource: win7v20201028
Malware Config
Targets
Target: 63a99ccfdc930abf9e0f91812ab262061124dda7182e1aecfda2aeaab35e467c
- Modifies WinLogon for persistence
- Modifies security service
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application