General
-
Target
8db3b9_408b52dd81ad428db256ba35835b2ee7.txt?dn=asdoawkdajicqujwdi
-
Size
47KB
-
Sample
220425-1fklbahgak
-
MD5
2092518be62aac4a29f7b0ea4b8c2cfc
-
SHA1
865b1e2489deb46e64b1d8627a2e43a92779a70e
-
SHA256
e2326b2253bcd8b140ffc210096602764a303573fa1f2b9dd801bd8a06b157bc
-
SHA512
f5ff6e2db41f6a911c0ad3646eb6ee96dc618ab5c0d3070508d2df39c3895a85fd27f0ea728c2e117e45912f89c10c623bf807add84b8c47bcdf74b7c11bd837
Static task
static1
Behavioral task
behavioral1
Sample
8db3b9_408b52dd81ad428db256ba35835b2ee7.ps1
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
8db3b9_408b52dd81ad428db256ba35835b2ee7.ps1
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
8db3b9_408b52dd81ad428db256ba35835b2ee7.txt?dn=asdoawkdajicqujwdi
-
Score
8/10
-
Blocklisted process makes network request
-
Drops file in Drivers directory
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-