General
Target: deee473f0c868f5d1277ccfcec98230be79f65cb9a7d91750eaa70d80c3b1976
Size: 9.7MB
Sample: 220508-vr78vsgcep
MD5: 5d4aacaa6b58dc095ed8ed2847087816
SHA1: 16cff3d372f34feba68ca1b72eb8771b01f55c47
SHA256: deee473f0c868f5d1277ccfcec98230be79f65cb9a7d91750eaa70d80c3b1976
SHA512: b932a938baa59d7a64f12ca8ba6cf022dcee0f5a84dcaba0dd89034077dd04303cdcbc4ee9a3a3525eb3874c1f57319d38e7dab372ce158107899ca70cdfdf79
Static task: static1

Behavioral task: behavioral1
Sample: deee473f0c868f5d1277ccfcec98230be79f65cb9a7d91750eaa70d80c3b1976.exe
Resource: win7-20220414-en

Behavioral task: behavioral2
Sample: deee473f0c868f5d1277ccfcec98230be79f65cb9a7d91750eaa70d80c3b1976.exe
Resource: win10v2004-20220414-en
Malware Config
Targets
Score: 8/10
Drops file in Drivers directory
Executes dropped EXE
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Loads dropped DLL
Adds Run key to start application