General
-
Target
111f5a17448a9edf6bd38fc7987c2d6f77bbf5133cb7fd166346d9c28940ae6b
-
Size
2.4MB
-
Sample
220213-kadyksfgh5
-
MD5
b05e8714b40a34454d9c75a23dbbc625
-
SHA1
5d1940836cd89eb32ecb1394b67bbacfb8c0e49d
-
SHA256
111f5a17448a9edf6bd38fc7987c2d6f77bbf5133cb7fd166346d9c28940ae6b
-
SHA512
526cbb13bd78640b3c02310ec7a0952ee716fbd6b0a5d9bc96506f58f76892bd9f949907bd5787480c3eaf95d78cf252271cd0da2a6860ef6f21094046545dba
Static task
static1
Behavioral task
behavioral1
Sample
111f5a17448a9edf6bd38fc7987c2d6f77bbf5133cb7fd166346d9c28940ae6b.exe
Resource
win7-en-20211208
Malware Config
Targets
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.