General
-
Target
bb93b746dc07c5c60e6b19404e1f89001a1e523e35c75b8f64b36c125d13fb81
-
Size
70KB
-
Sample
220206-zmv5ysbhfp
-
MD5
41d22f10ce4703a4dec9b015642226c3
-
SHA1
d38547f6bfb75c2cad5f8c1355cd616383963a13
-
SHA256
bb93b746dc07c5c60e6b19404e1f89001a1e523e35c75b8f64b36c125d13fb81
-
SHA512
4f36ef5ab819644eaa8d32342c95bb4eefdd1884009d3c9c718186aed0659aef10fb3e453443d172d2403f60b9bceb24daa9a6846e9ec3f545e6642b5c16e412
Static task
static1
Behavioral task
behavioral1
Sample
bb93b746dc07c5c60e6b19404e1f89001a1e523e35c75b8f64b36c125d13fb81.iso
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
bb93b746dc07c5c60e6b19404e1f89001a1e523e35c75b8f64b36c125d13fb81.iso
Resource
win10v2004-en-20220112
Behavioral task
behavioral3
Sample
#ZGSOPW8K90.js
Resource
win7-en-20211208
Behavioral task
behavioral4
Sample
#ZGSOPW8K90.js
Resource
win10v2004-en-20220112
Malware Config
Targets
-
-
Target
bb93b746dc07c5c60e6b19404e1f89001a1e523e35c75b8f64b36c125d13fb81
Score 4/10
-
-
Target
#ZGSOPW8K90.js
-
Size
9KB
-
MD5
ae8557fa1481775c784fe476178a3e15
-
SHA1
f6f9eb5eac66b7b121d4500adaebdb02b0adc75b
-
SHA256
4debfb4af8e27a5a3d8065ecca05fdf6ba1b16ed8e8485970fdf1680a6ad89ca
-
SHA512
0e3df716b8f5a5f9ed58a4afb0f40a2c880bccd6bfa456a37bd8061ea85e4ebf509600db0bf0dfb7f3ff10b360817ab1cead6026a5b851a5e20d03d05218757d
Score 10/10
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Adds Run key to start application
-