General
-
Target
e811876b6b26566ab5ccb1cfd06b39f4a4eddd81b8116e52979f44bb93684ff2
-
Size
14KB
-
Sample
220327-j9a6asfdd3
-
MD5
4a62ca92599961d4e4124a95f32dc179
-
SHA1
30018888cf64ea8b26d55b2438f6d0f3ed48f35b
-
SHA256
e811876b6b26566ab5ccb1cfd06b39f4a4eddd81b8116e52979f44bb93684ff2
-
SHA512
8fc7ff670d698e6502350c6cfff6e4fd6814f8747302ed70b92d95464774112108feeba031343a6acebdb1d0f35e1e0fcd8a13b4a35b2cf91722063e5bdbb535
Static task
static1
Behavioral task
behavioral1
Sample
e811876b6b26566ab5ccb1cfd06b39f4a4eddd81b8116e52979f44bb93684ff2.exe
Resource
win7-20220331-en
Behavioral task
behavioral2
Sample
e811876b6b26566ab5ccb1cfd06b39f4a4eddd81b8116e52979f44bb93684ff2.exe
Resource
win10v2004-20220331-en
Malware Config
Targets
-
-
Target
e811876b6b26566ab5ccb1cfd06b39f4a4eddd81b8116e52979f44bb93684ff2
-
Score
10/10
-
Modifies WinLogon for persistence
-
Disables Task Manager via registry modification
-
Possible privilege escalation attempt
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Modifies file permissions
-