General
Target: 0f82d4f2a32a5d6ff5b4434af9d351b621836a6cebb42ba1f08aa1198754699c
Size: 370KB
Sample: 210711-asjc54fh46
MD5: f9ba3c2921705fd6667e369240845972
SHA1: 168f2ef2b156ea50ae88755adc94a4b303f803a1
SHA256: 0f82d4f2a32a5d6ff5b4434af9d351b621836a6cebb42ba1f08aa1198754699c
SHA512: 9556339dab6d762ec73e2f80a90296e8134418f9f7ed36f33db67fae66fa51224a044aa7adb7a4374c40987f453620f61533673d3fc4cd5f5bee57fb89b946bf
Static task: static1
Behavioral task: behavioral1
Sample: 0f82d4f2a32a5d6ff5b4434af9d351b621836a6cebb42ba1f08aa1198754699c.exe
Resource: win7v20210410
Malware Config
Targets
- Registers COM server for autorun
- Blocklisted process makes network request
- Downloads MZ/PE file
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.