General
-
Target
7a333a9533b7b791e250cb6c1b8888443067abc4f7753b3fe93a233f691941d8
-
Size
5.0MB
-
Sample
220420-rnyy8sdah4
-
MD5
1bb13a8dc3f7047507644e2554a3ed1c
-
SHA1
01f11194e7c1bd6895213da9d3424b31994cb016
-
SHA256
7a333a9533b7b791e250cb6c1b8888443067abc4f7753b3fe93a233f691941d8
-
SHA512
57bace1d7b712aa21f49bf9958ace981e909976f9d9b1e9fd75d7a20741491d1ba2c2ce505ba63e66f2861b1584833c268a795aa54dde7ba670b4284248d93ca
Static task
static1
Behavioral task
behavioral1
Sample
7a333a9533b7b791e250cb6c1b8888443067abc4f7753b3fe93a233f691941d8.exe
Resource
win7-20220414-en
Malware Config
Targets
Modifies WinLogon for persistence
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-