General
Target: 1f0841edf877133a15a931a6d98eb84d83657b9f64e4395fdbf4988b1579073d.bin.sample.gz
Size: 335KB
Sample: 220614-ja2tzacfcq
MD5: d58cf0a369564dccd5f162a5a6744b58
SHA1: 8b5f93739fb435858e8fa057328893dfea52c65f
SHA256: 17b964d940a8290f090724e7353cd32091da72076aa8823e0159c05b94b3e538
SHA512: 9ea0fc9bbb17d21926940452b2940a0f73ed843f67684c4f978877ff04d3e878402fe83821460a8b3488f792a3deda5f3556e06c33deccc56fbf258d52cce937
Static task: static1
Behavioral task: behavioral1
Sample: sample.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: sample.exe
Resource: win10v2004-20220414-en
Malware Config
Extracted
C:\TEMP\readmee.txt
13WDsG32nT9TvaK2uc24Pk8WLLejKTPXJL
Targets
Target: sample
Size: 452KB
MD5: aa8a80fba6bf763cf203df243cc67e32
SHA1: 5472dedcc20a5b341c11834799901bbb06080bfd
SHA256: 1f0841edf877133a15a931a6d98eb84d83657b9f64e4395fdbf4988b1579073d
SHA512: 58ae8e054df8f0d8b7a686d1a95d094ebb8330531da6ecf2d43b3b278a6b3c0378aa5c2609c36f0a4f1e96a204def392a6b6e5ae92c46be5c9a6ff1234b9f89f
Score: 10/10
Executes dropped EXE
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Drops startup file
Loads dropped DLL
Adds Run key to start application