General
Target: bb5b9634aeabce06f65c0a91cabdc75f4db2197c8ced0f36cbf69f67afe2c169
Size: 20KB
Sample: 220201-tsbqlshdap
MD5: b2c51765548969781036522266ccfdda
SHA1: 981e625aeaec03dc095ab754e2e7667d63e76a4e
SHA256: bb5b9634aeabce06f65c0a91cabdc75f4db2197c8ced0f36cbf69f67afe2c169
SHA512: 4a930725a96bf66da8cd09f5449a56ee2ed79d3bdead040fafe70bfb26f2468af5d3e2298467c1a5ed5fc633497fc2a2967982ff2f8b8a0130f961dfecf2e1ec
Static task: static1
Behavioral task: behavioral1
Sample: bb5b9634aeabce06f65c0a91cabdc75f4db2197c8ced0f36cbf69f67afe2c169.js
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: bb5b9634aeabce06f65c0a91cabdc75f4db2197c8ced0f36cbf69f67afe2c169.js
Resource: win10v2004-en-20220113
Malware Config
Targets
Target: bb5b9634aeabce06f65c0a91cabdc75f4db2197c8ced0f36cbf69f67afe2c169
Score: 10/10
Blocklisted process makes network request
Sets service image path in registry
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Drops startup file
Adds Run key to start application