General
-
Target
0496db5f1104b3c2bc4c4b34dd0004608b814642cde7eac4420cec949da0fb8b
-
Size
60KB
-
Sample
220212-ngkaqaddbk
-
MD5
b2e9cb2358ab3f79b1723686434daa94
-
SHA1
e30169dce809d789535ee806fa11c7d3fbb26cea
-
SHA256
0496db5f1104b3c2bc4c4b34dd0004608b814642cde7eac4420cec949da0fb8b
-
SHA512
b5cac4971db4f901215af5f6380376b96d46244d1a210f6c26ee564c3a4fab968931396a2b842fb9d9c176248b3f29c5bf4c1733fd8d3c173a453c383ed3043f
Static task
static1
Behavioral task
behavioral1
Sample
0496db5f1104b3c2bc4c4b34dd0004608b814642cde7eac4420cec949da0fb8b.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0496db5f1104b3c2bc4c4b34dd0004608b814642cde7eac4420cec949da0fb8b.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
-
-
Target
0496db5f1104b3c2bc4c4b34dd0004608b814642cde7eac4420cec949da0fb8b
-
Size
60KB
-
MD5
b2e9cb2358ab3f79b1723686434daa94
-
SHA1
e30169dce809d789535ee806fa11c7d3fbb26cea
-
SHA256
0496db5f1104b3c2bc4c4b34dd0004608b814642cde7eac4420cec949da0fb8b
-
SHA512
b5cac4971db4f901215af5f6380376b96d46244d1a210f6c26ee564c3a4fab968931396a2b842fb9d9c176248b3f29c5bf4c1733fd8d3c173a453c383ed3043f
Score10/10-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-