General
Target: 0576409a978e936604c09649b2db4466428903f346e1cece4cbbda244b3db672
Size: 2.5MB
Sample: 220527-we1tpabagp
MD5: 40fb983ff0568389f34942bb2aeed39b
SHA1: ec8b95ee374397430b7db55c56bb1e011675e1a1
SHA256: 0576409a978e936604c09649b2db4466428903f346e1cece4cbbda244b3db672
SHA512: 5aca28dbede74328075964632f7936c947c49eaddd3a727b805a36955bbb8192746d398940b5998af7cebb6b82113d7c82b443e227591b2a7c66f8f1b1d23894
Static task: static1
Behavioral task: behavioral1
Sample: 0576409a978e936604c09649b2db4466428903f346e1cece4cbbda244b3db672.exe
Resource: win7-20220414-en
Malware Config
Targets
-
suricata: ET MALWARE Possible Windows executable sent when remote host claims to send a Text File
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-