General
Target
121049f641b104f6810e31f95b57b99b8b5a36c4e2319c301fda90d607b61bba
Size
32KB
Sample
220520-3p99faccam
MD5
f096b17e48dccdbe2bcbbabf2b3d2abc
SHA1
d47cfbf823d5875dd608f287d8fd2dd7a4b50ff1
SHA256
121049f641b104f6810e31f95b57b99b8b5a36c4e2319c301fda90d607b61bba
SHA512
ab19ad16865de33b6fab2fe05b1156ccef70929d6dd0128309c3ef5f8cd732aaca2a2f4463d1fc50d212cfdbf80a99e88e5215c2b6455e844239b508c3aa2762
Static task
static1
Behavioral task
behavioral1
Sample
121049f641b104f6810e31f95b57b99b8b5a36c4e2319c301fda90d607b61bba.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
121049f641b104f6810e31f95b57b99b8b5a36c4e2319c301fda90d607b61bba.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
Target
121049f641b104f6810e31f95b57b99b8b5a36c4e2319c301fda90d607b61bba
Score
8/10
Executes dropped EXE
Modifies Windows Firewall
Checks computer location settings. Looks up country code configured in the registry, likely geofence.
Drops startup file
Loads dropped DLL
Adds Run key to start application