General
Target: 1f9fba4208061563f04814f288059b98e572c5c68cd231e03888f2e220af1c26
Size: 843KB
Sample: 220612-vv5xxahahl
MD5: b6d73fe4d1c701ddd4103870538772e4
SHA1: 6e1d20ea59a82eae244b1b552822ab27874d4437
SHA256: 1f9fba4208061563f04814f288059b98e572c5c68cd231e03888f2e220af1c26
SHA512: 3e4ba236a4d1ac82184a7eeff361920aa5f64e402c876261a1aaccff0c71228bc7cae85c0bc2f548b214c5494b3dfc9a1b67ff9c96b37c09753ae5d96a48a7f5
Static task: static1
Behavioral task: behavioral1
Sample: 1f9fba4208061563f04814f288059b98e572c5c68cd231e03888f2e220af1c26.exe
Resource: win7-20220414-en
Malware Config
Extracted
socelars
http://www.zhxxjs.pw/Info/
Targets
Target: 1f9fba4208061563f04814f288059b98e572c5c68cd231e03888f2e220af1c26
Executes dropped EXE

Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.

Loads dropped DLL

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.