General
- Target: file
- Size: 253KB
- Sample: 201109-3hbx25znd2
- MD5: 94d715c76354182482dcc8fb446a1be7
- SHA1: 3d6497669c371e33c2e4055f9eb8c00dc5104387
- SHA256: a2f4d3da25e52d88eafb7a7da242e9bb507fe4626af58ca3b8c1a13e391c2000
- SHA512: e85e1ae231318c403a3aea0af312f587abbf55392fb8677543e363d9245054a939ad635a0094c0884b01f2e0171eb2919b43c556b472724bb103637cee206965
Static task: static1
Behavioral task: behavioral1
Sample: file.exe
Resource: win7v20201028
Malware Config
Targets
- Target: file
- Modifies WinLogon for persistence
- Modifies security service
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application