General
-
Target
435c9e12d8c0f1e07e43a2154ed4752b5a037e69d9e88522f9c80e6a4ae83a34
-
Size
515KB
-
Sample
220427-reg95aged7
-
MD5
ad552d70cef0c066811758ccf2bca571
-
SHA1
7d12f604047eb7a28332e2c33e72e9af8c8ccb2d
-
SHA256
435c9e12d8c0f1e07e43a2154ed4752b5a037e69d9e88522f9c80e6a4ae83a34
-
SHA512
4a0dc9241ce771f4c151f745a80f1a79ef9f73768fd99714a1e1bfeabc4d1f4bf8c857b58ffc2b87de645041e62af66aacc9387ca722332b622d8fd476711180
Static task
static1
Behavioral task
behavioral1
Sample
435c9e12d8c0f1e07e43a2154ed4752b5a037e69d9e88522f9c80e6a4ae83a34.exe
Resource
win7-20220414-en
Malware Config
Targets
-
-
Target
435c9e12d8c0f1e07e43a2154ed4752b5a037e69d9e88522f9c80e6a4ae83a34
-
Size
515KB
-
MD5
ad552d70cef0c066811758ccf2bca571
-
SHA1
7d12f604047eb7a28332e2c33e72e9af8c8ccb2d
-
SHA256
435c9e12d8c0f1e07e43a2154ed4752b5a037e69d9e88522f9c80e6a4ae83a34
-
SHA512
4a0dc9241ce771f4c151f745a80f1a79ef9f73768fd99714a1e1bfeabc4d1f4bf8c857b58ffc2b87de645041e62af66aacc9387ca722332b622d8fd476711180
-
Poullight Stealer Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-