General
-
Target
fad2e8293cf38eec695b1b5c012e187999bd94fbcad91d8f110605a9709c31b3
-
Size
8.2MB
-
Sample
220228-dswssaedhk
-
MD5
bafdcdfdac4e0d5a835c1048af2a3815
-
SHA1
8ed85a4739ab5945ee21e05947eb204ef04bcc02
-
SHA256
fad2e8293cf38eec695b1b5c012e187999bd94fbcad91d8f110605a9709c31b3
-
SHA512
cebd84cc2763126fb041bfb2bde31447c3bc09af08bbd6087bbc7640d7a64a5edc158916db639f590e74439eb7b9e057bf70b98d74aff8f27c2c2ffc7e69a743
Static task
static1
Behavioral task
behavioral1
Sample
fad2e8293cf38eec695b1b5c012e187999bd94fbcad91d8f110605a9709c31b3.exe
Resource
win7-en-20211208
Malware Config
Targets
-
Babadeda Crypter
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
autoit_exe
AutoIT scripts compiled to PE executables.
-