General
Target: 767a2c2cdb3e34333727a4594d345d55da89528d0219bf8e9a2b01567ad0045f
Size: 181KB
Sample: 220520-2rygzsfhc6
MD5: 33caaaa642770f60f9298e627ac2a70e
SHA1: b79349e8ef626045d86d3d099d4ad6cf58d6c7c0
SHA256: 767a2c2cdb3e34333727a4594d345d55da89528d0219bf8e9a2b01567ad0045f
SHA512: 4aaf1835f7909672d8356e7b4bbb06391be57030d98fd3e9bbe3bed42720dd001d8c32a64f1e197156d0365551ab3004ee1e01554f5bbf99b246f9d06fed3d64
Static task: static1
Behavioral task: behavioral1
Sample: 767a2c2cdb3e34333727a4594d345d55da89528d0219bf8e9a2b01567ad0045f.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: 767a2c2cdb3e34333727a4594d345d55da89528d0219bf8e9a2b01567ad0045f.exe
Resource: win10v2004-20220414-en
Malware Config
Targets
Score: 8/10
- Executes dropped EXE
- Modifies Windows Firewall
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Loads dropped DLL
- Adds Run key to start application