General
-
Target
62ba6f76a9dfa3cd19b768e435124b8217420d58efad6265ce20a443deb3619d
-
Size
167KB
-
Sample
220327-drgx8sceh3
-
MD5
e2dd51185d89bf02160ca232d2c9be77
-
SHA1
d562fc86c73c154030b7f7021ecc10c89312cc22
-
SHA256
62ba6f76a9dfa3cd19b768e435124b8217420d58efad6265ce20a443deb3619d
-
SHA512
6d2e3cfdecbd7cbce5258b312405ad53f6e0e4a0b2a2f1e98795063cf0718203494125d663e411742c0033a6e1cb580843a1ff1475e25ea82bd09a2a70deb340
Static task
static1
Behavioral task
behavioral1
Sample
62ba6f76a9dfa3cd19b768e435124b8217420d58efad6265ce20a443deb3619d.exe
Resource
win7-20220311-en
Behavioral task
behavioral2
Sample
62ba6f76a9dfa3cd19b768e435124b8217420d58efad6265ce20a443deb3619d.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
62ba6f76a9dfa3cd19b768e435124b8217420d58efad6265ce20a443deb3619d
-
Size
167KB
-
MD5
e2dd51185d89bf02160ca232d2c9be77
-
SHA1
d562fc86c73c154030b7f7021ecc10c89312cc22
-
SHA256
62ba6f76a9dfa3cd19b768e435124b8217420d58efad6265ce20a443deb3619d
-
SHA512
6d2e3cfdecbd7cbce5258b312405ad53f6e0e4a0b2a2f1e98795063cf0718203494125d663e411742c0033a6e1cb580843a1ff1475e25ea82bd09a2a70deb340
Score10/10-
Modifies WinLogon for persistence
-
Disables RegEdit via registry modification
-
Disables Task Manager via registry modification
-
Possible privilege escalation attempt
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Modifies file permissions
-
Adds Run key to start application
-
Modifies WinLogon
-