General
-
Target
a6936625e74d09e2118a9b0a475bf9391495f047f046f7b63cfc319adebbc25f.7z
-
Size
5.0MB
-
Sample
211028-vasf3sgfhq
-
MD5
f44e563507061e74b0ec98531f4f9a0c
-
SHA1
eae6214c4ed87f453b0667d46315d8a559fa1e8b
-
SHA256
64053908fcf7f49b000761602ecadd42a40b5d163c95e73b833cf2fd2ba183a2
-
SHA512
57ebc96ee78df1309e9a5aee9278112b1e10222e1a6acf93def937cb2ff5f40e1fee073bf5a9f55111eff0240d394070536619f7180a736c9d11e3a2d527cd55
Static task
static1
Behavioral task
behavioral1
Sample
a6936625e74d09e2118a9b0a475bf9391495f047f046f7b63cfc319adebbc25f.exe
Resource
win7-en-20210920
Behavioral task
behavioral2
Sample
a6936625e74d09e2118a9b0a475bf9391495f047f046f7b63cfc319adebbc25f.exe
Resource
win10-en-20211014
Malware Config
Targets
-
Target
a6936625e74d09e2118a9b0a475bf9391495f047f046f7b63cfc319adebbc25f
-
Size
5.5MB
-
MD5
d07ccea4f401887ff1106c08c42e8110
-
SHA1
79510087ee93e64cbbcb930ef6e61e620d619539
-
SHA256
a6936625e74d09e2118a9b0a475bf9391495f047f046f7b63cfc319adebbc25f
-
SHA512
96841848dafa59b9dc1f963c04550e72b2bb8a30818f90c639b2aff5978322b077c84bea0204b6027fc591f9914f9df8e5a4cac13e7059eba9795dc261b03e1a
Score
8/10
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-