General
-
Target
a40b2024c8c23f5584205a8d30e47161db2853e166748cd2963a82034c3893bc
-
Size
3.3MB
-
Sample
220503-cq5r8sfhe8
-
MD5
71239e1dccf1d01ed9f2eea461a3f6ed
-
SHA1
47fedfd6367e49b15cb24107c60a4351570da628
-
SHA256
a40b2024c8c23f5584205a8d30e47161db2853e166748cd2963a82034c3893bc
-
SHA512
bd6f2948e2919162abae27549cb073ff9a6882b63ba2573d44302c424163dc71f99c8d71984959c0125fc2c2e203adc1607aa1633d002158ca559efd680536c5
Static task
static1
Behavioral task
behavioral1
Sample
a40b2024c8c23f5584205a8d30e47161db2853e166748cd2963a82034c3893bc.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
a40b2024c8c23f5584205a8d30e47161db2853e166748cd2963a82034c3893bc.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
Target
a40b2024c8c23f5584205a8d30e47161db2853e166748cd2963a82034c3893bc
-
Score
10/10
-
DarkTrack Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-
Adds Run key to start application
-