General
-
Target
7d51b570cc6f8bc38ec5c74644442fbabd0b6fb2a67db2b80cc814b1737452e6
-
Size
93KB
-
Sample
220520-2yblssbbfk
-
MD5
87ab3c97f998f8ed39ed7222fd550778
-
SHA1
8fcd2ac075ef9cba0953686d1702960ac24c3933
-
SHA256
7d51b570cc6f8bc38ec5c74644442fbabd0b6fb2a67db2b80cc814b1737452e6
-
SHA512
87525fb6607882d0b1984f3e5f45021c0b932c1c66fad776cedcb8557a9cb5f391f10ad9c393aed91a53e95e27de72353dad195d78b324884fae775572449a49
Static task
static1
Behavioral task
behavioral1
Sample
7d51b570cc6f8bc38ec5c74644442fbabd0b6fb2a67db2b80cc814b1737452e6.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
7d51b570cc6f8bc38ec5c74644442fbabd0b6fb2a67db2b80cc814b1737452e6.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
Score
8/10
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Drops startup file
-