General
-
Target
1175cc1b1213ad48ab154b4526baa72ed6e18ba36d66616a73f98b2126b897c4
-
Size
36KB
-
Sample
220212-gkmrpaacfn
-
MD5
c0223dbeed93c92a0f4cefc330a8b6eb
-
SHA1
3cf55a303ae2e28448ce6b37ac4adf0b1eb79df1
-
SHA256
1175cc1b1213ad48ab154b4526baa72ed6e18ba36d66616a73f98b2126b897c4
-
SHA512
1a48db8b945f0ffdc458e4f58697cf581a5dcc55313bec1e82e4c4829f540903fd7bbe8ceff811522f6761609ada26e0ec6f6db625006417e1e35c4f9fc149d1
Static task
static1
Behavioral task
behavioral1
Sample
1175cc1b1213ad48ab154b4526baa72ed6e18ba36d66616a73f98b2126b897c4.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
1175cc1b1213ad48ab154b4526baa72ed6e18ba36d66616a73f98b2126b897c4.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
1175cc1b1213ad48ab154b4526baa72ed6e18ba36d66616a73f98b2126b897c4
-
Size
36KB
-
MD5
c0223dbeed93c92a0f4cefc330a8b6eb
-
SHA1
3cf55a303ae2e28448ce6b37ac4adf0b1eb79df1
-
SHA256
1175cc1b1213ad48ab154b4526baa72ed6e18ba36d66616a73f98b2126b897c4
-
SHA512
1a48db8b945f0ffdc458e4f58697cf581a5dcc55313bec1e82e4c4829f540903fd7bbe8ceff811522f6761609ada26e0ec6f6db625006417e1e35c4f9fc149d1
Score10/10-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-