General
Target: dfb278405d6f2c0795936304f4c8d2e572be0d2699477d5b68b4fcff67f9bf42.zip
Size: 398KB
Sample: 220407-qlz8vadfhm
MD5: 028fb5fa3b8c45582b11b245ac7a5eb4
SHA1: 5bd77c6677e557057f3b374c852f3f2687e8a885
SHA256: a828743c3f2f5d2faf7271d90a8ba6bed316ad29d3021d5d62bd832374cbeb1c
SHA512: e02c158668207eebc1c9bd22232596c456631889798811d9c4747ab53fbf4cb13692cc432c9f145acf10de9e29aa461dfeb43bc3fdec3e4d4da71b052db53497
Static task: static1
Behavioral task: behavioral1
Sample: dfb278405d6f2c0795936304f4c8d2e572be0d2699477d5b68b4fcff67f9bf42.exe
Resource: win7-20220331-en
Behavioral task: behavioral2
Sample: dfb278405d6f2c0795936304f4c8d2e572be0d2699477d5b68b4fcff67f9bf42.exe
Resource: win10v2004-20220331-en
Malware Config
Targets
Target: dfb278405d6f2c0795936304f4c8d2e572be0d2699477d5b68b4fcff67f9bf42.exe
Size: 627KB
MD5: af776fc957e51c8846258b4d8004e1a1
SHA1: 3baed603d9b56e085d56371397595f81edcf7b70
SHA256: dfb278405d6f2c0795936304f4c8d2e572be0d2699477d5b68b4fcff67f9bf42
SHA512: dc1d06d9d55d5bfd008d3f1e272c60440b777552dccb76858b062d1affbeae4f6c84429e2db8df5c8bd25edfd4a6afef5b81d76eaa801e36d5b7efdd1e3f92ef
Score: 10/10
DarkTrack Payload
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Loads dropped DLL
Adds Run key to start application