General
Target: f86c92fb1dfb37df48fb5ead375fc86782e8e2d420786c40b6fda7304436e859
Size: 166KB
Sample: 220326-sv5wssecf5
MD5: 6d1009cfb5e919ff3f8aea0abb8591d5
SHA1: 4c0323cd70493b259a82d52695abbd09379d42a6
SHA256: f86c92fb1dfb37df48fb5ead375fc86782e8e2d420786c40b6fda7304436e859
SHA512: 556c3b476324306e07bfd0f5066756b0f1d21cf3a0f68084caeead1e9d762df8237579f3a14f3f5c7f0536aeea239e482c3340b40452aa768f62f5fadc313a2a
Static task: static1
Behavioral task: behavioral1
Sample: f86c92fb1dfb37df48fb5ead375fc86782e8e2d420786c40b6fda7304436e859.exe
Resource: win7-20220311-en
Behavioral task: behavioral2
Sample: f86c92fb1dfb37df48fb5ead375fc86782e8e2d420786c40b6fda7304436e859.exe
Resource: win10v2004-en-20220113
Malware Config
Targets
Score: 10/10
Modifies WinLogon for persistence
Disables RegEdit via registry modification
Disables Task Manager via registry modification
Possible privilege escalation attempt
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Modifies file permissions
Adds Run key to start application
Modifies WinLogon