General
-
Target
b7d72ba9c972b6bab9cd737ac0856fa8b6a67426ee1fbe405b1a968199880378
-
Size
64KB
-
Sample
220206-z57ayacagp
-
MD5
d05bfea212bb82c7e6e2ba74207c4469
-
SHA1
e7ed796e8e4bba6e70d4783c6dcfb60a078348d1
-
SHA256
b7d72ba9c972b6bab9cd737ac0856fa8b6a67426ee1fbe405b1a968199880378
-
SHA512
cb99f9ebb466e9ee994eab5e3fd83b8fff6079ee4e3451e471c8afd88865d7ffbdd2c68f5f9ce70d4e4d704cbbef8141415c797041a43a17a464a930449820fc
Static task
static1
Behavioral task
behavioral1
Sample
b7d72ba9c972b6bab9cd737ac0856fa8b6a67426ee1fbe405b1a968199880378.iso
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
b7d72ba9c972b6bab9cd737ac0856fa8b6a67426ee1fbe405b1a968199880378.iso
Resource
win10v2004-en-20220113
Behavioral task
behavioral3
Sample
,,Payment_Receipt,,.js
Resource
win7-en-20211208
Behavioral task
behavioral4
Sample
,,Payment_Receipt,,.js
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
b7d72ba9c972b6bab9cd737ac0856fa8b6a67426ee1fbe405b1a968199880378
Score 4/10
-
-
Target
,,Payment_Receipt,,.js
-
Size
3KB
-
MD5
efbb72e784d2eeba8b4a1e560bda8bd5
-
SHA1
e5f7c20bac9163ea3e45cefd331d414b19cec52c
-
SHA256
af85de0f377deb278411bec90970fcb2edef0449912cd6ec41d94c5ea17116c7
-
SHA512
54719e06a164d468377af9e243178a896bd8f5cd69218bed619f5c3e6c370871a4ea4258985688d6a532b183fd53e68dc36ffa2a57cfea7e67b517f29467c3fd
Score 10/10
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Adds Run key to start application
-