General
-
Target
911197fc5a71d61534e341e8d20a8f0bd4dc4d3ec253d327a3ae8e6375bb13a6
-
Size
157KB
-
Sample
220520-3zewaahge2
-
MD5
182e2cce08ee92c62f64752aaa23c369
-
SHA1
e47112a7f7ce5c3105249f043bb809daf490b7d8
-
SHA256
911197fc5a71d61534e341e8d20a8f0bd4dc4d3ec253d327a3ae8e6375bb13a6
-
SHA512
b66d06c7862641351c12b2c91cca3be32b1a8d35e9525e1447b14385b8dc81129f93b10b58ba6058de88818bc9209a6d54be24b4b8a0dda7cf9b53b0b19e4f6a
Static task
static1
Behavioral task
behavioral1
Sample
911197fc5a71d61534e341e8d20a8f0bd4dc4d3ec253d327a3ae8e6375bb13a6.exe
Resource
win7-20220414-en
Malware Config
Targets
-
-
Target
911197fc5a71d61534e341e8d20a8f0bd4dc4d3ec253d327a3ae8e6375bb13a6
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Loads dropped DLL
-