General
Target: 4debb4f25eac92ef1ee8fcb387080dbd72f825e266aa6b2d4e0c5302d512cb3f
Size: 515KB
Sample: 220420-tyysbsheg4
MD5: 9c2469949de87958c9a0adc0fbd642fe
SHA1: 850f57a6b43ab16003489dc3ade010d943882209
SHA256: 4debb4f25eac92ef1ee8fcb387080dbd72f825e266aa6b2d4e0c5302d512cb3f
SHA512: 474dbc99b12f10fff578ccb39cafabd5e3ec2c8599ba1e5e39227c5edc11e6338d043dd42f5fb902ca74f661fb5eda89c17e99ce27b272a857ada18a119f336f
Static task: static1
Behavioral task: behavioral1
Sample: 4debb4f25eac92ef1ee8fcb387080dbd72f825e266aa6b2d4e0c5302d512cb3f.exe
Resource: win7-20220414-en
Malware Config
Targets
Poullight Stealer Payload
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Loads dropped DLL