General
Target: 6082a03473ed75eb7d2c0590c1f7eeb686cbeb715db0913a3fe92b1d2475d117
Size: 1022KB
Sample: 210511-vs9xwn23jx
MD5: 1d341dacdf25ab30e56980da7caf6324
SHA1: 5dd9cc07eed0526fb128969877d99f94766d2063
SHA256: 6082a03473ed75eb7d2c0590c1f7eeb686cbeb715db0913a3fe92b1d2475d117
SHA512: c8dc977c32d4e675c4f5553f88e84dd8fc073936b36577e24ccabfea544250aa3cade3ab1045eb6f31757d75b3ee83c7de04720b23412e7ebedec9a74d65e9c4
Static task: static1
Behavioral task: behavioral1
Sample: 6082a03473ed75eb7d2c0590c1f7eeb686cbeb715db0913a3fe92b1d2475d117.exe
Resource: win7v20210410
Behavioral task: behavioral2
Sample: 6082a03473ed75eb7d2c0590c1f7eeb686cbeb715db0913a3fe92b1d2475d117.exe
Resource: win10v20210408
Malware Config
Targets
Target: 6082a03473ed75eb7d2c0590c1f7eeb686cbeb715db0913a3fe92b1d2475d117
Score: 10/10
- Modifies WinLogon for persistence
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
- Drops file in System32 directory