General
Target: 1721aa858d091d5512c07feac97af09a.exe
Size: 1.4MB
Sample: 211217-sgq6gseedp
MD5: 1721aa858d091d5512c07feac97af09a
SHA1: c747dd9a872272fd35fe881bf8439d1fd3fc042b
SHA256: 514af49adab4cd3229a96aec0608669a1f75918edef959c98e54245f01ffbab7
SHA512: 94aaa8c0420eccf8e39fa06e3756d51b6ec123d4b28f1f224c0be46d23f9e1ba0f54eb2e87a34ceffc70928804b5f8b3be17d2369099429907e58faf19a8e5e1
Static task: static1
Behavioral task: behavioral1
Sample: 1721aa858d091d5512c07feac97af09a.exe
Resource: win7-en-20211208
Malware Config
Extracted
socelars
http://www.biohazardgraphics.com/
Targets
-
-
Target
1721aa858d091d5512c07feac97af09a.exe
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up geolocation information via web service
Uses a legitimate geolocation service to find the infected system's geolocation info.
-