General
Target: 41a8b4e9dae0707c574ff06884a62ee11f6febe9f72e8a8c7c8b8c7fe25b8924
Size: 159KB
Sample: 220521-m2wzksgacm
MD5: 7f9409430514a981b3099b50db0e75d6
SHA1: 15cfefaa5abae77ac2f8edf433e6275b1103dba8
SHA256: 41a8b4e9dae0707c574ff06884a62ee11f6febe9f72e8a8c7c8b8c7fe25b8924
SHA512: 7d0476807e6d5b0136b745f54eef04bc2b8d772e08405df83e1563992c29e7348f7db63a9b7d9b7381fdb336c62cad494b628457ed829661aa2b248b13289c6f
Static task: static1
Behavioral task: behavioral1
Sample: 41a8b4e9dae0707c574ff06884a62ee11f6febe9f72e8a8c7c8b8c7fe25b8924.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: 41a8b4e9dae0707c574ff06884a62ee11f6febe9f72e8a8c7c8b8c7fe25b8924.exe
Resource: win10v2004-20220414-en
Malware Config
Targets
Target: 41a8b4e9dae0707c574ff06884a62ee11f6febe9f72e8a8c7c8b8c7fe25b8924
Score: 10/10
Executes dropped EXE
Modifies Windows Firewall
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Drops startup file
Loads dropped DLL
Adds Run key to start application