General
-
Target
18f5f4be0cbdab767ceb8fc8be7067b77fdb44d7cedcef6b0fefeb3aacf7b9a4
-
Size
36KB
-
Sample
220212-dfswcsggan
-
MD5
1c1817ade934a17c9b8f20f2f8faa43d
-
SHA1
cb38783dcd7a516f32e0e1306a0c27e0b7a297a2
-
SHA256
18f5f4be0cbdab767ceb8fc8be7067b77fdb44d7cedcef6b0fefeb3aacf7b9a4
-
SHA512
4aa77cfe3d511aa1f6aecd480d541156dc0b74a2165e9ba3490a0043806f4fad5febb28396e4130a44b967b0921f8507003de6190292da75c74b231c4f1d5b9a
Static task
static1
Behavioral task
behavioral1
Sample
18f5f4be0cbdab767ceb8fc8be7067b77fdb44d7cedcef6b0fefeb3aacf7b9a4.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
18f5f4be0cbdab767ceb8fc8be7067b77fdb44d7cedcef6b0fefeb3aacf7b9a4.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
-
-
Target
18f5f4be0cbdab767ceb8fc8be7067b77fdb44d7cedcef6b0fefeb3aacf7b9a4
-
Size
36KB
-
MD5
1c1817ade934a17c9b8f20f2f8faa43d
-
SHA1
cb38783dcd7a516f32e0e1306a0c27e0b7a297a2
-
SHA256
18f5f4be0cbdab767ceb8fc8be7067b77fdb44d7cedcef6b0fefeb3aacf7b9a4
-
SHA512
4aa77cfe3d511aa1f6aecd480d541156dc0b74a2165e9ba3490a0043806f4fad5febb28396e4130a44b967b0921f8507003de6190292da75c74b231c4f1d5b9a
Score10/10-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-