General
Target: b87d00d15fc6956c0d23b02177616900020a43c871c7d115ae178f3d5a924456
Size: 515KB
Sample: 220418-w8la4aeca2
MD5: 85792b138563c304aed61a2ef6f01c21
SHA1: 84fbb01b3be8a85eb4a28c47c6f92906b880d384
SHA256: b87d00d15fc6956c0d23b02177616900020a43c871c7d115ae178f3d5a924456
SHA512: 03eed4c87f9f673558111b0b006c4033d5d31e34552234680790e08fac708237c4cd2d1debe55052e635eb483ef718d5b721ebccf212b624af58b488aa5f0f35
Static task: static1
Behavioral task: behavioral1
Sample: b87d00d15fc6956c0d23b02177616900020a43c871c7d115ae178f3d5a924456.exe
Resource: win7-20220414-en
Malware Config
Targets
Target: b87d00d15fc6956c0d23b02177616900020a43c871c7d115ae178f3d5a924456
Poullight Stealer Payload
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Loads dropped DLL