General
-
Target
23fb92919059417d63da18028869fdb717db5e07ad305d9d244246492c67009c
-
Size
3.2MB
-
Sample
220520-3gh5zsghc2
-
MD5
164522c5805de5f7392cf0f81e67914f
-
SHA1
11da4bf6263230b0f740d0f602ee7b9d5bd00800
-
SHA256
23fb92919059417d63da18028869fdb717db5e07ad305d9d244246492c67009c
-
SHA512
7c3c8dbe99a9f1c4b7e6e06ecd84a209c224ee41490e358b978de90ee0b42d354e8d6bdcb4932d8465b63b500b67c057992de8c2dbf61d7cfce0cfea8e5e05da
Static task
static1
Behavioral task
behavioral1
Sample
23fb92919059417d63da18028869fdb717db5e07ad305d9d244246492c67009c.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
23fb92919059417d63da18028869fdb717db5e07ad305d9d244246492c67009c.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
23fb92919059417d63da18028869fdb717db5e07ad305d9d244246492c67009c
-
Size
3.2MB
-
MD5
164522c5805de5f7392cf0f81e67914f
-
SHA1
11da4bf6263230b0f740d0f602ee7b9d5bd00800
-
SHA256
23fb92919059417d63da18028869fdb717db5e07ad305d9d244246492c67009c
-
SHA512
7c3c8dbe99a9f1c4b7e6e06ecd84a209c224ee41490e358b978de90ee0b42d354e8d6bdcb4932d8465b63b500b67c057992de8c2dbf61d7cfce0cfea8e5e05da
Score10/10-
Modifies WinLogon for persistence
-
Modifies system executable filetype association
-
Disables RegEdit via registry modification
-
Drops file in Drivers directory
-
Executes dropped EXE
-
Sets file execution options in registry
-
Sets service image path in registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-