General
-
Target
044d5b640f739b9833375215580d6142bed184e33b0fc14d1408eb502486f9db
-
Size
60KB
-
Sample
220212-nldczaddfm
-
MD5
9b5bec464e67b77726e7a9dc85f09c1e
-
SHA1
e2d5251a27a30f59f3e157a24198192fa1d9f74f
-
SHA256
044d5b640f739b9833375215580d6142bed184e33b0fc14d1408eb502486f9db
-
SHA512
302723ebcfae01f0ffdf8d9bb6462b9bf979c4b39e9c229dea6b0eebdd97930b37be34e0b19b611f3e98e141f02a8c1b4be1ce29c23955ad5379a732c4d58c29
Static task
static1
Behavioral task
behavioral1
Sample
044d5b640f739b9833375215580d6142bed184e33b0fc14d1408eb502486f9db.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
044d5b640f739b9833375215580d6142bed184e33b0fc14d1408eb502486f9db.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
044d5b640f739b9833375215580d6142bed184e33b0fc14d1408eb502486f9db
-
Size
60KB
-
MD5
9b5bec464e67b77726e7a9dc85f09c1e
-
SHA1
e2d5251a27a30f59f3e157a24198192fa1d9f74f
-
SHA256
044d5b640f739b9833375215580d6142bed184e33b0fc14d1408eb502486f9db
-
SHA512
302723ebcfae01f0ffdf8d9bb6462b9bf979c4b39e9c229dea6b0eebdd97930b37be34e0b19b611f3e98e141f02a8c1b4be1ce29c23955ad5379a732c4d58c29
Score10/10-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-