General
-
Target
7b0b036f718a332c7fe603cb6f941f574c571386eff7bd1cb96537703fcacc87
-
Size
1.5MB
-
Sample
220215-n79nasfhdl
-
MD5
36c4263712e4a103adf5edc6c93449ab
-
SHA1
3ac0dd61549de4a4373e7190d8d2dc9c919aabd9
-
SHA256
7b0b036f718a332c7fe603cb6f941f574c571386eff7bd1cb96537703fcacc87
-
SHA512
9f5974c69062c04e5c68a7bc2d733ec336a152445479bd4900309e641b84f4a21ba9881f80c786c574d25f6f8e86acaf89e8012f69ab5371b382fa91a6c77e7e
Static task
static1
Behavioral task
behavioral1
Sample
7b0b036f718a332c7fe603cb6f941f574c571386eff7bd1cb96537703fcacc87.exe
Resource
win7-en-20211208
Malware Config
Extracted
cryptbot
leksey42.top
morsyl04.top
-
payload_url
http://xetpuy16.top/download.php?file=basque.exe
Targets
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-