General
Target: 367a5929a2fab1244d330113183cdd0b56bdbfcaf857d89eb757e766bca3a58b
Size: 224KB
Sample: 220203-vcrmkacbek
MD5: 0479d1bf5fbad7e0056ffb4828db8c42
SHA1: bc98d1774bd56ce23afff680b7b5946303ed2885
SHA256: 367a5929a2fab1244d330113183cdd0b56bdbfcaf857d89eb757e766bca3a58b
SHA512: 42dd47f5d96fab63316e3efab92ff699c65419c97b5acc6f64abcdaabb7d8ae21adbf3f8190582d3161ef5eaae97076cd3f9c2f8fbed960616ab2fadc490b28d
Static task: static1
Behavioral task: behavioral1
Sample: 367a5929a2fab1244d330113183cdd0b56bdbfcaf857d89eb757e766bca3a58b.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 367a5929a2fab1244d330113183cdd0b56bdbfcaf857d89eb757e766bca3a58b.exe
Resource: win10v2004-en-20220113
Malware Config
Extracted
https://cdn.discordapp.com/attachments/858084204901564479/864969154494201866/Main.png
Targets
Target: 367a5929a2fab1244d330113183cdd0b56bdbfcaf857d89eb757e766bca3a58b
- Blocklisted process makes network request
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Drops startup file