General
Target: 3cc9e7d200d5e06142cf837f60b87d99b25d188c7cb52ab0bbdbe9090b7aeaea
Size: 5.5MB
Sample: 220415-gqyq5sghgq
MD5: cc9c6aee7ceaf6e332f4baa7347c0195
SHA1: ead3f94f0647f6cffc0399657e0fd1b0e665a8dd
SHA256: 3cc9e7d200d5e06142cf837f60b87d99b25d188c7cb52ab0bbdbe9090b7aeaea
SHA512: cf18e6477fd61852a2a1b44d0d1f40ed5839b107da331e11166ac976482cddf79462fd6cf1e354cf8cccb04e4c9374cbe4b5e97b21e79379cd5f1d2978fa3e5c
Static task: static1
Behavioral task: behavioral1
Sample: 3cc9e7d200d5e06142cf837f60b87d99b25d188c7cb52ab0bbdbe9090b7aeaea.exe
Resource: win7-20220414-en
Malware Config
Targets
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL