General
Target: OfficeSetup.exe
Size: 5.0MB
Sample: 210721-zaxcgnevb2
MD5: 2cd6dc080a634beb490163f76199a013
SHA1: db4eb17b689ae7811c6e0b41bd73df83984682b3
SHA256: e6b5c8362f7ebcad6a5efef3772bfd4802ee6c34a617bbb8d2870b082fee3423
SHA512: fd94668806825515a1e90ebe8407791db4d45093e0f8bdb7d235d40f1056a729e7b6f0002fd01c842a97da4211d4b3acdfe280b59b1b4a5be68394826cfc39cf
Static task: static1
Behavioral task: behavioral1
  Sample: OfficeSetup.exe
  Resource: win10v20210410
Malware Config
Targets
Score: 8/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Drops file in System32 directory