General
-
Target
a16e466bed46fcf9c0a771ca0e41bc42a1ac13e66717354e4824f61d1695dbb1
-
Size
1.7MB
-
Sample
220228-dpfx6achh7
-
MD5
f7b0f59bff65176713c678693f1bf1f2
-
SHA1
417858f4722442a311f4ef2d5126c8a8cae760cb
-
SHA256
a16e466bed46fcf9c0a771ca0e41bc42a1ac13e66717354e4824f61d1695dbb1
-
SHA512
695811a3112a75d1f5789f902f2b97948864989e4fd49b6531073b3ac19f86c98661e8173447a26d30273c6d3ab6475c4bd43885a1a4d395c5deb7531681a88a
Behavioral task
behavioral1
Sample
COVID-19-Vaccine-Coupon/COVID-19-Vaccine-Coupon.lnk
Resource
win7-20220223-en
Behavioral task
behavioral2
Sample
COVID-19-Vaccine-Coupon/COVID-19-Vaccine-Coupon.lnk
Resource
win10v2004-en-20220113
Behavioral task
behavioral3
Sample
EUA 27034_FS for Vaccination Providers-Full EUA PI_Final_4.6.2021.pdf
Resource
win7-en-20211208
Behavioral task
behavioral4
Sample
EUA 27034_FS for Vaccination Providers-Full EUA PI_Final_4.6.2021.pdf
Resource
win10v2004-en-20220113
Behavioral task
behavioral5
Sample
SUMMARY OF PRODUCT CHARACTERISTICS/comirnaty-epar-product-information_en.pdf
Resource
win7-en-20211208
Behavioral task
behavioral6
Sample
SUMMARY OF PRODUCT CHARACTERISTICS/comirnaty-epar-product-information_en.pdf
Resource
win10v2004-en-20220113
Malware Config
Extracted
http://1000018.xyz/soft-2/280421-z1z.exe
Targets
Target
COVID-19-Vaccine-Coupon/COVID-19-Vaccine-Coupon.lnk
-
Size
1KB
-
MD5
5897322f62070e894488b4115463939d
-
SHA1
217490d9df6b3eb30caec933c6f3a04ae3a3a82f
-
SHA256
101d9f3a9e4a8d0c8d80bcd40082e10ab71a7d45a04ab443ef8761dfad246ca5
-
SHA512
83cdc338ce8c7f5bf030ddd654a17b3a7fc6283d9331e5c0eeadc3e4c98aacfb72d51890e9dcb56f4115cd05fba09a0d45a2c751e599c1c45122b86db65f87d1
Score 10/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Target
EUA 27034_FS for Vaccination Providers-Full EUA PI_Final_4.6.2021.pdf
-
Size
1.1MB
-
MD5
237afde9fad4619889d9cde8e80a5180
-
SHA1
b0b53f8cae545c2961b662941652390ccad02700
-
SHA256
8ceea84eccec373701f4ed54703beb6381d05be2bdbb93ae58d78726fdca6807
-
SHA512
86de2d6c65bfe241d13a06dbdae1727021d93ba11f3e5db8eda9a899ebbb56b646ff041755803caaa5ae4cb10bef1e9d941267a1e0188c32138c45382021b2f8
Score 8/10
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
Target
SUMMARY OF PRODUCT CHARACTERISTICS/comirnaty-epar-product-information_en.pdf
-
Size
737KB
-
MD5
6b0b509b3c6d375e989213a1ed32f2b2
-
SHA1
cb96c3fd157469362268f05644498562ca83317e
-
SHA256
b7af9b46c0ad2c921b0d38736013f39106d8eda881947d07ba12f587f9d3ae81
-
SHA512
e7f0f28794c2a4d66caf848134cbe734cb2fc397d4b3d9ada600323df67c6201a224ae746d208b8799777c7c96d9e48beeada8449bb3c815a256d9d0901a8226
Score 1/10