General
-
Target
21e82b438e9372b136719ebb26d2c8024e2e80d866b144ed0d509a7c9db67a64
-
Size
218KB
-
Sample
220612-hvp58sbacq
-
MD5
4ced579c892ddde3858eaaca641759bb
-
SHA1
655346c704eb41422328998fab56691f352dec4d
-
SHA256
21e82b438e9372b136719ebb26d2c8024e2e80d866b144ed0d509a7c9db67a64
-
SHA512
611ef0f7ba245d9338ffa1e2ed2e5ac09b610ee0c8d4dea31b64281dc144a67240635e9cdeb493332f9468715f49a4e10e362fabf5a80cb6c65bd16078b4e7da
Static task
static1
Behavioral task
behavioral1
Sample
21e82b438e9372b136719ebb26d2c8024e2e80d866b144ed0d509a7c9db67a64.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
21e82b438e9372b136719ebb26d2c8024e2e80d866b144ed0d509a7c9db67a64.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
21e82b438e9372b136719ebb26d2c8024e2e80d866b144ed0d509a7c9db67a64
Score
10/10
-
suricata: ET MALWARE Possible Malicious Macro DL EXE Feb 2016
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-