General
-
Target
04a580e1747c9a02e24789ab36cb14f0adb8d17686fb00962e9a31ac18faeab0
-
Size
36KB
-
Sample
220212-nfjykabff7
-
MD5
e062d75fb6b4f4088a7c89c9d6a841e6
-
SHA1
6ab215a8614c4278a0cf1605f8b5fd170302782e
-
SHA256
04a580e1747c9a02e24789ab36cb14f0adb8d17686fb00962e9a31ac18faeab0
-
SHA512
90ac3879dc2a2e9fe1d86d8bd9f307efe658dbf5fa5c82cf0833cf2d6d979b0c43bf5ddf3a5696a89075acfbbc871ccbb54d37d8e5c1f1d7d243177a1d219ce8
Static task
static1
Behavioral task
behavioral1
Sample
04a580e1747c9a02e24789ab36cb14f0adb8d17686fb00962e9a31ac18faeab0.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
04a580e1747c9a02e24789ab36cb14f0adb8d17686fb00962e9a31ac18faeab0.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
-
-
Target
04a580e1747c9a02e24789ab36cb14f0adb8d17686fb00962e9a31ac18faeab0
-
Size
36KB
-
MD5
e062d75fb6b4f4088a7c89c9d6a841e6
-
SHA1
6ab215a8614c4278a0cf1605f8b5fd170302782e
-
SHA256
04a580e1747c9a02e24789ab36cb14f0adb8d17686fb00962e9a31ac18faeab0
-
SHA512
90ac3879dc2a2e9fe1d86d8bd9f307efe658dbf5fa5c82cf0833cf2d6d979b0c43bf5ddf3a5696a89075acfbbc871ccbb54d37d8e5c1f1d7d243177a1d219ce8
Score10/10-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-