General
Target: 22425b2a8008806cfcbd534b2d49255e.exe
Size: 1.4MB
Sample: 211220-hx8elaafgm
MD5: 22425b2a8008806cfcbd534b2d49255e
SHA1: 156daf180778e168c687abbccee1bfbe49026713
SHA256: 84310263a13decf1bb2ab1d32cdfe354399c0433c40bad3e0f2852cf639d538e
SHA512: f97ce35dd162611b112039927a8957cb26609fb907289fec1d0a843789ccf6901ad18c61eb0f64182554e840f668fff79e781ed400c1427eec1d98da2ac66159
Static task: static1
Behavioral task: behavioral1
Sample: 22425b2a8008806cfcbd534b2d49255e.exe
Resource: win7-en-20211208
Malware Config
Extracted
socelars
http://www.biohazardgraphics.com/
Targets
-
-
Target
22425b2a8008806cfcbd534b2d49255e.exe
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up geolocation information via web service
Uses a legitimate geolocation service to find the infected system's geolocation info.
-