General
-
Target
0db5f3df48e234a04a25148fa9704b2391edb110b644580f9d6e91757a65fbdd
-
Size
60KB
-
Sample
220212-h7916sheb5
-
MD5
5277109558b9ddc47a8e15be945d25de
-
SHA1
ec4300e0adf2e309043c6c4cfbd1b45b1d5dfd11
-
SHA256
0db5f3df48e234a04a25148fa9704b2391edb110b644580f9d6e91757a65fbdd
-
SHA512
c64ef28da737ab41161ab0582d8e3f72b1b837a4b3631b28fb29bdd938554eacf3a20fffe0002620ee14b470634966bbacb69328028255eba66b193c584a14f2
Static task
static1
Behavioral task
behavioral1
Sample
0db5f3df48e234a04a25148fa9704b2391edb110b644580f9d6e91757a65fbdd.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0db5f3df48e234a04a25148fa9704b2391edb110b644580f9d6e91757a65fbdd.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
0db5f3df48e234a04a25148fa9704b2391edb110b644580f9d6e91757a65fbdd
-
Size
60KB
-
MD5
5277109558b9ddc47a8e15be945d25de
-
SHA1
ec4300e0adf2e309043c6c4cfbd1b45b1d5dfd11
-
SHA256
0db5f3df48e234a04a25148fa9704b2391edb110b644580f9d6e91757a65fbdd
-
SHA512
c64ef28da737ab41161ab0582d8e3f72b1b837a4b3631b28fb29bdd938554eacf3a20fffe0002620ee14b470634966bbacb69328028255eba66b193c584a14f2
Score10/10-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-