General
Target: 14239f779476ffd6a6a5e3f61e8a3c25463ac44a726ab3ebd7305390a9a1c909
Size: 226KB
Sample: 220107-pzv1lscffq
MD5: 630ffbde8b5a7fb2c6bfc043fa26dc71
SHA1: 09cb118f084da39aaa19ac5d0faffb5842042607
SHA256: 14239f779476ffd6a6a5e3f61e8a3c25463ac44a726ab3ebd7305390a9a1c909
SHA512: 7b01979c034f4b29f7a97edeb178e503a45ed58abfd88348618e135462956af5c276a01ebe0c9b55eb74fd8a5fba7983425cd540e0a913684548cdb51ef0268b
Static task: static1
Behavioral task: behavioral1
Sample: 14239f779476ffd6a6a5e3f61e8a3c25463ac44a726ab3ebd7305390a9a1c909.exe
Resource: win10-en-20211208
Malware Config
Targets
Score: 10/10
Modifies WinLogon for persistence
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Adds Run key to start application