General
Target: 12f2635d309b94ed643e3dab26c02b721635a3cf3c0e7af882a0d1d49760bcdd
Size: 58KB
Sample: 220212-f2elzagdf4
MD5: 92ed576b13eab8a0cc285ff3bfd50299
SHA1: 354f0c46554eac8ba6bef7d369d07c053f16bb94
SHA256: 12f2635d309b94ed643e3dab26c02b721635a3cf3c0e7af882a0d1d49760bcdd
SHA512: 8e876c49b017b5bd69bbfb893840a44a06d8356d1e5e21daa816ef5e5b99e1ad762be081ab3d3728c39d54321c3abfd0adcd65a29aff0d52f405620ee2cf6bc9
Static task: static1
Behavioral task: behavioral1
Sample: 12f2635d309b94ed643e3dab26c02b721635a3cf3c0e7af882a0d1d49760bcdd.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 12f2635d309b94ed643e3dab26c02b721635a3cf3c0e7af882a0d1d49760bcdd.exe
Resource: win10v2004-en-20220113
Malware Config
Targets
Target
12f2635d309b94ed643e3dab26c02b721635a3cf3c0e7af882a0d1d49760bcdd
Score: 10/10
Executes dropped EXE
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application