General
-
Target
14f0db37a9c12172040478c237e9e8afc0dc85af3cbf179ccac3a91cec5e4fbf
-
Size
36KB
-
Sample
220212-e9sccsgag5
-
MD5
ddd44111bbf723b3ff37e08ee904c038
-
SHA1
56d395c3ec88c2a77e1b935aa876c4d7ff9e9528
-
SHA256
14f0db37a9c12172040478c237e9e8afc0dc85af3cbf179ccac3a91cec5e4fbf
-
SHA512
e6d8b2e6d5d9f7491c48e3e1d81fdb7ea17b207af4c2990b64c33b6aa1d0a0dc2eb2588403fb77ff65805f8b06d02f3b3cc34a6f215698669b92ff1b2ef0b48d
Static task
static1
Behavioral task
behavioral1
Sample
14f0db37a9c12172040478c237e9e8afc0dc85af3cbf179ccac3a91cec5e4fbf.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
14f0db37a9c12172040478c237e9e8afc0dc85af3cbf179ccac3a91cec5e4fbf.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
14f0db37a9c12172040478c237e9e8afc0dc85af3cbf179ccac3a91cec5e4fbf
-
Size
36KB
-
MD5
ddd44111bbf723b3ff37e08ee904c038
-
SHA1
56d395c3ec88c2a77e1b935aa876c4d7ff9e9528
-
SHA256
14f0db37a9c12172040478c237e9e8afc0dc85af3cbf179ccac3a91cec5e4fbf
-
SHA512
e6d8b2e6d5d9f7491c48e3e1d81fdb7ea17b207af4c2990b64c33b6aa1d0a0dc2eb2588403fb77ff65805f8b06d02f3b3cc34a6f215698669b92ff1b2ef0b48d
Score10/10-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-